This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2dep_complex . - CVE-2018-20534: Fixed a NULL pointer dereference in pool_whatprovides . Non-security issues fixed: - Made cleandeps jobs on patterns work . - Fixed an issue multiversion packages that obsolete their own name . - Keep consistent package name if there are multiple alternatives . Fixes for libzypp: - Fixes a bug where locking the kernel was not possible - Fixes a file descriptor leak - Will now run file conflict check on dry-run Fixes for zypper: - Fixes a bug where the wrong exit code was set when refreshing repos if --root was used - Improved the displaying of locks - Fixes an issue where `https` repository urls caused an error prompt to appear twice - zypper will now always warn when no repositories are defined - Fixes bash completion option detection