Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

SUSE: 2023:0985-1 High: libsolv, libzypp, yast2-network, zypper

suse
Calendar Grey March 11, 2021
Dist Suse Esm H88
New versions of libsolv, libzypp, yast2-installation, and zypper have been released by SUSE, addressing a particular bug.
An update that solves one vulnerability and has 15 fixes is now available

Summary

This update for libsolv, libzypp, yast2-installation, zypper fixes the following issues: Update zypper to version 1.14.43: - doc: give more details about creating versioned package locks (bsc#1181622) - man: Document synonymously used patch categories (bsc#1179847) - Fix source-download commnds help (bsc#1180663) - man: Recommend to use the --non-interactive global option rather than the command option -y (bsc#1179816) - Extend apt packagemap (fixes #366) - --quiet: Fix install summary to write nothing if there's nothing todo (bsc#1180077) - Prefer /run over /var/run. Update libzypp to 17.25.8: - Try to provide a mounted /proc in --root installs (bsc#1181328) Some systemd tools require /proc to be mounted and fail if it's not there. - Enable release packages to request a releaxed suse/opensuse vendorcheck

References

#1050625 #1174016 #1177238 #1177275 #1177427

#1177583 #1178910 #1178966 #1179083 #1179222

#1179415 #1179847 #1179909 #1181328 #1181622

#1182629

Cross- CVE-2017-9271

CVSS scores:

CVE-2017-9271 (NVD) : 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2017-9271 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

SUSE Linux Enterprise Server for SAP 15

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Installer 15

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

https://www.suse.com/security/cve/CVE-2017-9271.html

https://bugzilla.suse.com/1050625

https://bugzilla.suse.com/1174016

https://bugzilla.suse.com/1177238

https://bugzilla.suse.com/1177275

Announcement ID: SUSE-SU-2021:0770-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.