MGASA-2021-0351 - Updated libsolv packages fix a security vulnerability

Publication date: 13 Jul 2021
URL: https://advisories.mageia.org/MGASA-2021-0351.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3200

Buffer overflow vulnerability in libsolv 2020-12-13 via the
Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job,
char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which
could cause a denial of service (CVE-2021-3200).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29167
- https://lists.suse.com/pipermail/sle-security-updates/2021-June/009080.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3200

SRPMS:
- 8/core/libsolv-0.7.19-1.mga8