Oval Definition:oval:org.opensuse.security:def:84780
Revision Date:2017-08-25Version:1
Title:Security update for libzypp (Important)
Description:

The Software Update Stack was updated to receive fixes and enhancements.



libzypp:

- CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. (bsc#1045735, bsc#1038984) - Fix gpg-pubkey release (creation time) computation. (bsc#1036659) - Update lsof blacklist. (bsc#1046417) - Re-probe on refresh if the repository type changes. (bsc#1048315) - Propagate proper error code to DownloadProgressReport. (bsc#1047785) - Allow to trigger an appdata refresh unconditionally. (bsc#1009745) - Support custom repo variables defined in /etc/zypp/vars.d.

yast2-pkg-bindings:

- Do not crash when the repository URL is not defined. (bsc#1043218)
Family:unixClass:patch
Status:Reference(s):1009745
1036659
1038984
1043218
1045735
1046417
1047785
1048315
CVE-2017-7435
CVE-2017-7436
CVE-2017-9269
SUSE-SU-2017:2264-1
Platform(s):SUSE Linux Enterprise Server 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libzypp-16.15.3-2.3.1 is installed
  • OR yast2-pkg-bindings-3.2.4-2.3.1 is installed
    • BACK