Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2020:0087-1 Moderate: libsolv, libzypp, zypper Security Update

suse
Calendar Grey January 13, 2020
Dist Suse Esm H88
SUSE Security Patch: Protect your system effectively with libsolv, libzypp, and zypper enhancements addressing CVE-2021-12345.
An update that solves one vulnerability and has 10 fixes is now available

Summary

This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763). Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678).

Topics%20covered

Topics Covered

security advisory moderate SUSE zypper libzypp libsolv CVE-2019-18900

References

#1135114 #1154804 #1154805 #1155198 #1155205

#1155298 #1155678 #1155819 #1156158 #1157377

#1158763

Cross- CVE-2019-18900

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15

SUSE Linux Enterprise Installer 15

https://www.suse.com/security/cve/CVE-2019-18900.html

https://bugzilla.suse.com/1135114

https://bugzilla.suse.com/1154804

https://bugzilla.suse.com/1154805

https://bugzilla.suse.com/1155198

https://bugzilla.suse.com/1155205

https://bugzilla.suse.com/1155298

https://bugzilla.suse.com/1155678

https://bugzilla.suse.com/1155819

Announcement ID: SUSE-SU-2020:0087-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate SUSE zypper libzypp libsolv CVE-2019-18900

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here