This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks . libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code - support parsing of Debian"s Multi-Arch indicator - fix segfault on conflict resolution when using bindings - fix split provides not working if the update includes a forbidden vendor change - support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY - support zstd compressed control files in debian packages - add an ifdef allowing to rename Solvable dependency members - support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata - support queying of the custom vendor check function new function: pool_get_custom_vendorcheck - support solv files with an idarray block - allow accessing the toolversion at runtime libzypp update to 17.30.0: - ZConfig: Update solver settings if target changes - Fix possible hang in singletrans mode - Do 2 retries if mount is still busy. - Fix package signature check Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing. - Retry umount if device is busy A previously released ISO image may need a bit more time to release it"s loop device. So we wait a bit and retry. - Fix serializing/deserializing type mismatch in zypp-rpm protocol - Fix handling of ISO media in releaseAll - Hint on common ptf resolver conflicts - Hint on ptfless thangreater than patch resolver conflicts zypper update to 1.14.52: - info: print the packages upstream URL if available - info: Fix SEGV with not installed PTFs - Don"t prevent less restrictive umasks