Explore top 10 tips to secure your open-source projects now. Read More
×
This update for libzypp and libsolv fixes the following issues:
Security issues fixed:
- CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c
(function testcase_read) (bsc#1120629).
- CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c
(function testcase_str2dep_complex) in libsolvext.a (bsc#1120630).
- CVE-2018-20534: Fixed illegal address access at src/pool.h (function
pool_whatprovides) in libsolv.a (bsc#1120631).
Fixed bugs and enhancements:
- make cleandeps jobs on patterns work (bnc#1137977)
- Fixed an issue where libsolv failed to build against swig 4.0 by
updating the version to 0.7.5 (bsc#1135749).
- Virtualization host upgrade from SLES-15 to SLES-15-SP1 finished with
wrong product name shown up (bsc#1131823).
- Copy pattern categories from the rpm that defines the pattern
(fate#323785).
- Enhance scanning /sys for modaliases (bsc#1130161).
- Prevent SEGV if the application sets...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-1927=1
- openSUSE Leap 15.0 (i586 x86_64):
PackageKit-1.1.10-lp150.11.1
PackageKit-backend-zypp-1.1.10-lp150.11.1
PackageKit-backend-zypp-debuginfo-1.1.10-lp150.11.1
PackageKit-debuginfo-1.1.10-lp150.11.1
PackageKit-debugsource-1.1.10-lp150.11.1
PackageKit-devel-1.1.10-lp150.11.1
PackageKit-devel-debuginfo-1.1.10-lp150.11.1
PackageKit-gstreamer-plugin-1.1.10-lp150.11.1
PackageKit-gstreamer-plugin-debuginfo-1.1.10-lp150.11.1
PackageKit-gtk3-module-1.1.10-lp150.11.1
PackageKit-gtk3-module-debuginfo-1.1.10-lp150.11.1
libpackagekit-glib2-18-1.1.10-lp150.11.1
libpackagekit-glib2-18-debuginfo-1.1.10-lp150.11.1
libpackagekit-glib2-devel-1.1.10-lp150.11.1
libyui-ncurses-pkg-debugsource-2.48.5.2-lp150.7.1
libyui-ncurses-pkg-devel-2.48.5.2-lp150.7.1
libyui-ncurses-pkg8-2.48.5.2-lp150.7.1
libyui-ncurses-pkg8-debuginfo-2.48.5.2-lp150.7.1
libyui-qt-pkg-debugsource-2.45.15.2-lp150.7.1
libyui-qt-pkg-devel-2.45.15.2-lp150.7.1
libyui-qt-pkg8-2.45.15.2-lp150.7.1
libyui-qt-pkg8-debuginfo-2.45.15.2-lp150.7.1
typelib-1_0-PackageKitGlib...
Read the Full Advisoryhttps://www.suse.com/security/cve/CVE-2018-20532.html
https://www.suse.com/security/cve/CVE-2018-20533.html
https://www.suse.com/security/cve/CVE-2018-20534.html
https://bugzilla.suse.com/1047962
https://bugzilla.suse.com/1049826
https://bugzilla.suse.com/1053177
https://bugzilla.suse.com/1065022
https://bugzilla.suse.com/1099019
https://bugzilla.suse.com/1102261
https://bugzilla.suse.com/1110542
https://bugzilla.suse.com/1111319
https://bugzilla.suse.com/1112911
https://bugzilla.suse.com/1113296
https://bugzilla.suse.com/1114908
https://bugzilla.suse.com/1115341
https://bugzilla.suse.com/1116840
https://bugzilla.suse.com/1118758
https://bugzilla.suse.com/1119373
https://bugzilla.suse.com/1119820
https://bugzilla.suse.com/1119873
https://bugzilla.suse.com/1120263
https://bugzilla.suse.com/1120463
https://bugzilla.suse.com/1120629
https://bugzilla.suse.com/1120630
https://bugzilla.suse.com/1120631
https://bugzilla.suse.com/1121611
https://bugzilla.suse.com/1122062
https://bugzilla.suse.com/1122471
https://bugzilla...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.