Oval Definition:oval:org.opensuse.security:def:97209
Revision Date:2021-02-10Version:1
Title:Security update for librepo (Important)
Description:

This update for librepo fixes the following issues:

- Upgrade to 1.12.1 + Validate path read from repomd.xml (bsc#1175475, CVE-2020-14352) - Changes from 1.12.0 + Prefer mirrorlist/metalink over baseurl (rh#1775184) + Decode package URL when using for local filename (rh#1817130) + Fix memory leak in lr_download_metadata() and lr_yum_download_remote() + Download sources work when at least one of specified is working (rh#1775184)
Family:unixClass:patch
Status:Reference(s):1175475
CVE-2020-14352
Platform(s):openSUSE Leap 15.3 SLE Imports
Product(s):
Definition Synopsis
  • openSUSE Leap 15.3 SLE Imports is installed
  • AND Package Information
  • librepo-devel-1.12.1-3.7.1 is installed
  • OR librepo0-1.12.1-3.7.1 is installed
  • OR python3-librepo-1.12.1-3.7.1 is installed
    • BACK