SUSE-SU-2021:2145-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:2145-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:2145-1
- Related
- Published
- 2021-06-23T14:51:08Z
- Modified
- 2021-06-23T14:51:08Z
- Summary
- Security update for libsolv
- Details
-
This update for libsolv fixes the following issues:
Security issues fixed:
- CVE-2019-20387: Fixed heap-buffer-overflow in repodata_schema2id (bsc#1161510)
- CVE-2021-3200: testcase_read: error out if repos are added or the system is changed too late (bsc#1186229)
Other issues fixed:
- backport support for blacklisted packages to support ptf packages and retracted patches
- fix ruleinfo of complex dependencies returning the wrong origin
- fix SOLVERFLAGFOCUS_BEST updateing packages without reason
- fix addcomplexrecommends() selecting conflicted packages in rare cases
- fix potential segfault in resolve_jobrules
- fix solv_zchunk decoding error if large chunks are used
- References
Affected packages
SUSE:Linux Enterprise Server 12 SP2-BCL / libsolv
Package
- Name
- libsolv
- Purl
- purl:rpm/suse/libsolv&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL