| Revision Date: | 2021-01-13 | Version: | 1 |
| Title: | Security update for libzypp, zypper (Moderate) |
| Description: |
This update for libzypp, zypper fixes the following issues:
Update zypper to version 1.14.41
Update libzypp to 17.25.4
- CVE-2017-9271: Fixed information leak in the log file (bsc#1050625 bsc#1177583) - RepoManager: Force refresh if repo url has changed (bsc#1174016) - RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966) - RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427). - RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910) - Fixed update of gpg keys with elongated expire date (bsc#179222) - needreboot: remove udev from the list (bsc#1179083) - Fix lsof monitoring (bsc#1179909)
yast-installation was updated to 4.2.48:
- Do not cleanup the libzypp cache when the system has low memory, incomplete cache confuses libzypp later (bsc#1179415)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1050625
1174016
1177238
1177275
1177427
1177583
1178910
1178966
1179083
1179222
1179415
1179909
CVE-2017-9271
|
| Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
| Product(s): | |