SUSE: 2020:3367-1 Moderate: Libzypp Zypper Security Issues Fixed
suse
November 19, 2020
An update that solves one vulnerability and has two fixes is now available
Summary
This update for libzypp, zypper fixes the following issues: libzypp fixes the following security issue: - CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763). zypper was updated to fix the following issues: - Fixed an issue, where zypper crashed when the system language is set to Spanish and the user tried to patch their system with 'zypper patch --category security' (bsc#1178038) - Fixed a typo in man page (bsc#1169947) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-3367=1 - SUSE Linux Enterprise Server for SAP 12-SP2:
Topics Covered
References
#1158763 #1169947 #1178038
Cross- CVE-2019-18900
Affected Products:
SUSE OpenStack Cloud 7
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
SUSE Linux Enterprise Server 12-SP2-BCL
https://www.suse.com/security/cve/CVE-2019-18900.html
https://bugzilla.suse.com/1158763
https://bugzilla.suse.com/1169947
https://bugzilla.suse.com/1178038
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:3367-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!