Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2020:0432-1 Moderate Security Update for libsolv Issue Fix

suse
Calendar Grey February 21, 2020
Dist Suse Esm H88
Tackling a minor vulnerability via patch SUSE: 2021:0543-2 for libsolv, libzypp, and zypper to improve reliability.
An update that solves one vulnerability and has 10 fixes is now available

Summary

This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763). Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678).

Topics%20covered

Topics Covered

security advisory moderate severity SUSE file permissions zypper libzypp libsolv

References

#1135114 #1154804 #1154805 #1155198 #1155205

#1155298 #1155678 #1155819 #1156158 #1157377

#1158763

Cross- CVE-2019-18900

Affected Products:

SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Development Tools 15-SP1

SUSE Linux Enterprise Module for Basesystem 15-SP1

https://www.suse.com/security/cve/CVE-2019-18900.html

https://bugzilla.suse.com/1135114

https://bugzilla.suse.com/1154804

https://bugzilla.suse.com/1154805

https://bugzilla.suse.com/1155198

https://bugzilla.suse.com/1155205

https://bugzilla.suse.com/1155298

https://bugzilla.suse.com/1155678

https://bugzilla.suse.com/1155819

https://bugzilla.suse.com/1156158

Announcement ID: SUSE-SU-2020:0432-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate severity SUSE file permissions zypper libzypp libsolv

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here