Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 36 articles for you...
202
security advisorymoderatesystem updateopenSUSE Tumbleweed libzypp Moderate CVE-2026-25707 Security Update
An update that solves one vulnerability can now be installed.. # libzypp-17.38.10-1.1 on GA media Announcement ID: openSUSE-SU-2026:10896-1 Rating: moderate Cross-References: * CVE-2026-25707 CVSS scores: * CVE-2026-25707 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the libzypp-17.38.10-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * libzypp 17.38.10-1.1 * libzypp-devel 17.38.10-1.1 * libzypp-devel-doc 17.38.10-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25707.html . Update available for openSUSE Tumbleweed libzypp containing a moderate security fix for CVE-2026-25707.. openSUSE Tumbleweed, libzypp security, system patching, moderate severity, CVE-2026-25707. . Severity: Moderate. LinuxSecurity.com Team
Jun 01, 2026
•Moderate
OpenSUSE
100
security advisorysecurity issueimportantSUSE: 2023:1623-1 Important: Curl Fixes And Libzypp Updates
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1623-1 Container Tags : bci/bci-base:15.3 , bci/bci-base:15.3.17.20.140 , suse/sle15:15.3 , suse/sle15:15.3.17.20.140 Container Release : 17.20.140 Severity : important Type : security References : 1127591 1195633 1208329 1209406 1210870 1211231 1211232 1211233 1211339 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2227-1 Released: Wed May 17 09:57:41 2023 Summary: Security update for curl Type: security Severity: important References: 1211231,1211232,1211233,1211339,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition (bsc#1211231). - CVE-2023-28321: Fixed IDN wildcard matching (bsc#1211232). - CVE-2023-28322: Fixed POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2247-1 Released: Thu May 18 17:04:38 2023 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1127591,1195633,1208329,1209406,1210870 This update for libzypp, zypper fixes the following issues: - Installing local RPM packages fails if /usr/bin/find is not installed (bsc#1195633) - multicurl: propagate ssl settings stored in repo url (bsc#1127591) - MediaCurl: Fix endless loop if wrong credentials are stored in credentials.cat (bsc#1210870) - zypp.conf: Introduce 'download.connect_timeout' [60 sec.] (bsc#1208329) - Teach MediaNetwork toretry on HTTP2 errors. - Fix selecting installed patterns from picklist (bsc#1209406) - man: better explanation of --priority The following package changes have been done: - curl-7.66.0-150200.4.57.1 updated - libcurl4-7.66.0-150200.4.57.1 updated - libsolv-tools-0.7.24-150200.18.1 updated - libzypp-17.31.11-150200.61.1 updated - zypper-1.14.60-150200.51.1 updated . SUSE Container Update for suse/sle15 provides important security patches for wget, libsolv, and improvements to system performance.. SUSE Container Update,curl security,libzypp fix,zypper update. . Severity: Important. LinuxSecurity.com Team
May 25, 2023
•Important
SuSE
100
security advisoryimportantsuseSUSE SLES12SP5: 2023:1620-1 Important Security Update for curl
The container suse/sles12sp5 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sles12sp5 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1620-1 Container Tags : suse/sles12sp5:6.5.472 , suse/sles12sp5:latest Container Release : 6.5.472 Severity : important Type : security References : 1198608 1203248 1203249 1208329 1210593 1211230 1211231 1211232 1211233 428822 CVE-2022-27774 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container suse/sles12sp5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2225-1 Released: Wed May 17 09:54:33 2023 Summary: Security update for curl Type: security Severity: important References: 1198608,1211230,1211231,1211232,1211233,CVE-2022-27774,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2249-1 Released: Thu May 18 17:07:31 2023 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1203248,1203249,1208329,428822 This update for libzypp, zypper fixes the following issues: - Removing a PTF without enabled repos should always fail (bsc#1203248) - zypp.conf: Introduce 'download.connect_timeout' [60 sec.] (bsc#1208329) - Add expert (allow-*) options to allinstaller commands (bsc#428822) - Provide 'removeptf' command (bsc#1203249) A remove command which prefers replacing dependant packages to removing them as well. A PTF is typically removed as soon as the fix it provides is applied to the latest official update of the dependant packages. But you don't want the dependant packages to be removed together with the PTF, which is what the remove command would do. The removeptf command however will aim to replace the dependant packages by their official update versions. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2260-1 Released: Mon May 22 10:29:33 2023 Summary: Recommended update for zlib Type: recommended Severity: moderate References: 1210593 This update for zlib fixes the following issues: - Fix crash when calling deflateBound() function (bsc#1210593) The following package changes have been done: - libcurl4-8.0.1-11.65.2 updated - libz1-1.2.11-11.34.1 updated - libzypp-16.22.7-48.2 updated - zypper-1.13.64-21.55.2 updated . SUSE Container Update Advisory provides essential security enhancements for suse/sles12sp5, encompassing significant curl fixes and additional updates.. suse/sles12sp5, curl security, libzypp update, zlib fix. . Severity: Important. LinuxSecurity.com Team
May 25, 2023
•Important
SuSE
202
security advisoryimportantSUSEopenSUSE 15.4: SUSE-SU-2023:0095-1 Important Shell Injection Fix
An update that fixes one vulnerability is now available.. SUSE Security Update: Security update for libzypp-plugin-appdata ______________________________________________________________________________ Announcement ID: SUSE-SU-2023:0095-1 Rating: important References: #1206836 Cross-References: CVE-2023-22643 Affected Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libzypp-plugin-appdata fixes the following issues: - CVE-2023-22643: Fixed potential shell injection related to malicious repo names (bsc#1206836). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2023-95=1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4: zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-95=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-95=1 Package List: - openSUSE Leap 15.4 (noarch): libzypp-plugin-appdata-1.0.1+git.20180426-150400.18.3.1 openSUSE-appdata-extra-1.0.1+git.20180426-150400.18.3.1 - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch): openSUSE-appdata-extra-1.0.1+git.20180426-150400.18.3.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (noarch): libzypp-plugin-appdata-1.0.1+git.20180426-150400.18.3.1 References: https://www.suse.com/security/cve/CVE-2023-22643.html https://bugzilla.suse.com/1206836 . SUSE Security Update: Critical update for libzypp-plugin-appdata Announcement ID:SUSE-SU-2023:0096-1. SUSE Linux, Libzypp Update, Security Patch, SUSE Leap, Appdata Security. . Severity: Important. LinuxSecurity.com Team
Jan 17, 2023
•Important
OpenSUSE
202
security advisorysecurity fiximportantopenSUSE Leap Micro 5.2: 2022:1157-1 Important: Zypper Security Fix
An update that contains security fixes can now be installed. . openSUSE Security Update: Security update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:1157-1 Rating: important References: #1184501 #1194848 #1195999 #1196061 #1196317 #1196368 #1196514 #1196925 #1197134 Affected Products: openSUSE Leap Micro 5.2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks (bsc#1184501). libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514) - support parsing of Debian's Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members ("requires" is a keyword in C++20) - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion at runtime libzypp update to 17.30.0: - ZConfig: Update solver settings if target changes (bsc#1196368) - Fix possible hang in singletrans mode (bsc#1197134) - Do 2 retries if mount is still busy. - Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by avalid signature and report more detailed which signature is missing. - Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925) - Fix handling of ISO media in releaseAll (bsc#1196061) - Hint on common ptf resolver conflicts (bsc#1194848) - Hint on ptf patch resolver conflicts (bsc#1194848) zypper update to 1.14.52: - info: print the packages upstream URL if available (fixes #426) - info: Fix SEGV with not installed PTFs (bsc#1196317) - Don't prevent less restrictive umasks (bsc#1195999) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2022-1157=1 Package List: - openSUSE Leap Micro 5.2 (aarch64 x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - openSUSE Leap Micro 5.2 (noarch): zypper-needs-restarting-1.14.52-150200.30.2 References: https://bugzilla.suse.com/1184501 https://bugzilla.suse.com/1194848 https://bugzilla.suse.com/1195999 https://bugzilla.suse.com/1196061 https://bugzilla.suse.com/1196317 https://bugzilla.suse.com/1196368 https://bugzilla.suse.com/1196514 https://bugzilla.suse.com/1196925 https://bugzilla.suse.com/1197134 . Recent updates to libsolv, libzypp, and zypper fix criticalvulnerabilities and enhance installation processes, ensuring better user protection and streamlined management. openSUSE Update, libsolv Security, zypper Patch, libzypp Fixes, Software Update. . Severity: Important. LinuxSecurity.com Team
Sep 01, 2022
•Important
OpenSUSE
100
security advisorysecurity issueimportantSUSE: 2022:1157-2 Important: libsolv, libzypp, zypper Security Flaws
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1157-2 Rating: important References: #1184501 #1194848 #1195999 #1196061 #1196317 #1196368 #1196514 #1196925 #1197134 Affected Products: SUSE Linux Enterprise Micro 5.2 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks (bsc#1184501). libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514) - support parsing of Debian's Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members ("requires" is a keyword in C++20) - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion at runtime libzypp update to 17.30.0: - ZConfig: Update solver settings if target changes (bsc#1196368) - Fix possible hang in singletrans mode (bsc#1197134) - Do 2 retries if mount is still busy. - Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by avalid signature and report more detailed which signature is missing. - Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925) - Fix handling of ISO media in releaseAll (bsc#1196061) - Hint on common ptf resolver conflicts (bsc#1194848) - Hint on ptf patch resolver conflicts (bsc#1194848) zypper update to 1.14.52: - info: print the packages upstream URL if available (fixes #426) - info: Fix SEGV with not installed PTFs (bsc#1196317) - Don't prevent less restrictive umasks (bsc#1195999) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1157=1 Package List: - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Micro 5.2 (noarch): zypper-needs-restarting-1.14.52-150200.30.2 References: https://bugzilla.suse.com/1184501 https://bugzilla.suse.com/1194848 https://bugzilla.suse.com/1195999 https://bugzilla.suse.com/1196061 https://bugzilla.suse.com/1196317 https://bugzilla.suse.com/1196368 https://bugzilla.suse.com/1196514 https://bugzilla.suse.com/1196925 https://bugzilla.suse.com/1197134 . SUSE Security Patch resolves criticalvulnerabilities in libsolv, libzypp, and zypper to bolster overall system defense.. SUSE Security Update, Libsolv Security, Security Fixes, Package Management. . Severity: Important. LinuxSecurity.com Team
Jul 14, 2022
•Important
SuSE
100
security advisorysystem integritySUSESUSE: 2022:1157-1 Important: libsolv and zypper Security Update
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for libsolv, libzypp, zypper ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1157-1 Rating: important References: #1184501 #1194848 #1195999 #1196061 #1196317 #1196368 #1196514 #1196925 #1197134 Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP2 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP2 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Installer 15-SP2 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Development Tools 15-SP3 SUSE Linux Enterprise Realtime Extension 15-SP2 SUSE Linux Enterprise Server 15-SP2 SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSELeap 15.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks (bsc#1184501). libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514) - support parsing of Debian's Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members ("requires" is a keyword in C++20) - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion at runtime libzypp update to 17.30.0: - ZConfig: Update solver settings if target changes (bsc#1196368) - Fix possible hang in singletrans mode (bsc#1197134) - Do 2 retries if mount is still busy. - Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing. - Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925) - Fix handling of ISO media in releaseAll (bsc#1196061) - Hint on common ptf resolver conflicts (bsc#1194848) -Hint on ptf patch resolver conflicts (bsc#1194848) zypper update to 1.14.52: - info: print the packages upstream URL if available (fixes #426) - info: Fix SEGV with not installed PTFs (bsc#1196317) - Don't prevent less restrictive umasks (bsc#1195999) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1157=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1157=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1157=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1157=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1157=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1157=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1157=1 - SUSE Linux Enterprise Realtime Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1157=1 - SUSE Linux Enterprise Module for Development Tools 15-SP3: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1157=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1157=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1157=1 - SUSE Linux Enterprise Micro 5.0: zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1157=1 - SUSE Linux Enterprise Installer 15-SP2: zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-1157=1 - SUSE Linux Enterprise High Performance Computing15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1157=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1157=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1157=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-demo-0.7.22-150200.12.1 libsolv-demo-debuginfo-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 libzypp-devel-doc-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python-solv-0.7.22-150200.12.1 python-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - openSUSE Leap 15.3 (noarch): zypper-aptitude-1.14.52-150200.30.2 zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Manager Server 4.1 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Manager Retail Branch Server 4.1 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Manager Retail Branch Server 4.1 (x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Manager Proxy 4.1 (x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Manager Proxy 4.1 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Micro 5.1 (noarch): zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise Micro 5.0 (noarch): zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64): libsolv-tools-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 - SUSE Enterprise Storage 7 (aarch64 x86_64): libsolv-debuginfo-0.7.22-150200.12.1 libsolv-debugsource-0.7.22-150200.12.1 libsolv-devel-0.7.22-150200.12.1 libsolv-devel-debuginfo-0.7.22-150200.12.1 libsolv-tools-0.7.22-150200.12.1 libsolv-tools-debuginfo-0.7.22-150200.12.1 libzypp-17.30.0-150200.36.1 libzypp-debuginfo-17.30.0-150200.36.1 libzypp-debugsource-17.30.0-150200.36.1 libzypp-devel-17.30.0-150200.36.1 perl-solv-0.7.22-150200.12.1 perl-solv-debuginfo-0.7.22-150200.12.1 python3-solv-0.7.22-150200.12.1 python3-solv-debuginfo-0.7.22-150200.12.1 ruby-solv-0.7.22-150200.12.1 ruby-solv-debuginfo-0.7.22-150200.12.1 zypper-1.14.52-150200.30.2 zypper-debuginfo-1.14.52-150200.30.2 zypper-debugsource-1.14.52-150200.30.2 - SUSE Enterprise Storage 7 (noarch): zypper-log-1.14.52-150200.30.2 zypper-needs-restarting-1.14.52-150200.30.2 References: https://bugzilla.suse.com/1184501 https://bugzilla.suse.com/1194848 https://bugzilla.suse.com/1195999 https://bugzilla.suse.com/1196061 https://bugzilla.suse.com/1196317 https://bugzilla.suse.com/1196368 https://bugzilla.suse.com/1196514 https://bugzilla.suse.com/1196925 https://bugzilla.suse.com/1197134 . Keep your system secure by updating to the newest SUSE Security Patch for libsolv, libzypp, and zypper to maintain stability and protection.. SUSE Security Update, libsolv Fixes, zypper Issues. . Severity: Important. LinuxSecurity.com Team
Apr 12, 2022
•Important
SuSE
100
security advisoryimportantsuseSUSE: 2022:558-1 Important Update For SUSE/SLE15 - Security Enhancements
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:558-1 Container Tags : suse/sle15:15.1 , suse/sle15:15.1.6.2.599 Container Release : 6.2.599 Severity : important Type : security References : 1184501 1194848 1195999 1196061 1196317 1196368 1196514 1196925 1197134 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1131-1 Released: Fri Apr 8 09:43:53 2022 Summary: Security update for libsolv, libzypp, zypper Type: security Severity: important References: 1184501,1194848,1195999,1196061,1196317,1196368,1196514,1196925,1197134 This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks (bsc#1184501). libsolv to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514) - support parsing of Debian's Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members ('requires' is a keyword in C++20) - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion atruntime libzypp to 17.30.0: - ZConfig: Update solver settings if target changes (bsc#1196368) - Fix possible hang in singletrans mode (bsc#1197134) - Do 2 retries if mount is still busy. - Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing. - Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925) - Fix handling of ISO media in releaseAll (bsc#1196061) - Hint on common ptf resolver conflicts (bsc#1194848) - Hint on ptf patch resolver conflicts (bsc#1194848) zypper to 1.14.52: - info: print the packages upstream URL if available (fixes #426) - info: Fix SEGV with not installed PTFs (bsc#1196317) - Don't prevent less restrictive umasks (bsc#1195999) The following package changes have been done: - libsolv-tools-0.7.22-150100.4.6.1 updated - libzypp-17.30.0-150100.3.78.1 updated - zypper-1.14.52-150100.3.55.2 updated . SUSE Container Update Bulletin: suse/sle15 has essential security patches for libsolv, libzypp, and zypper enhancements.. SUSE Container Update, Security Update, Container Advisory. . Severity: Important. LinuxSecurity.com Team
Apr 09, 2022
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!