Download
| Alert*
oval:org.secpod.oval:def:503243
libsolv is installed oval:org.secpod.oval:def:67971 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. The following packages have been upgraded to a later upstream version: libsolv . Security Fix: * libsolv: out-of-bounds read in repodata_schema2id in repodata.c For more details about the se ... oval:org.secpod.oval:def:504782 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. The following packages have been upgraded to a later upstream version: libsolv . Security Fix: * libsolv: out-of-bounds read in repodata_schema2id in repodata.c For more details about the se ... oval:org.secpod.oval:def:89047496 This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks . libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code - support parsing of Debian"s ... oval:org.secpod.oval:def:2500048 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. oval:org.secpod.oval:def:89050260 This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable . Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products . - Adds libzypp API to mark all obsolete kernels according ... oval:org.secpod.oval:def:89050364 This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable . Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products . - Adds libzypp API to mark all obsolete kernels according ... oval:org.secpod.oval:def:89049758 This update for libzypp, zypper, libsolv provides the following fixes: Security fixes in libzypp: - CVE-2018-7685: PackageProvider: Validate RPMs before caching - CVE-2017-9269: Be sure bad packages do not stay in the cache Changes in libzypp: - Update to version 17.6.4 - Automatically fetch repos ... oval:org.secpod.oval:def:19500183 A flaw was found in libsolv. A buffer overflow vulnerability could cause a denial of service. The highest threat from this vulnerability is to system availability oval:org.secpod.oval:def:121716 A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: - Using a dictionary approach to store and retrieve package and dependency information. - Using satisfiability, a well known and researched topic, for resolving package depe ... oval:org.secpod.oval:def:4501241 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fix: * libsolv: heap-based buffer overflow in testcase_read in src/testcase.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and othe ... oval:org.secpod.oval:def:86339 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fix: * libsolv: heap-based buffer overflow in testcase_read in src/testcase.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and othe ... oval:org.secpod.oval:def:2500319 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. oval:org.secpod.oval:def:4500067 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1505223 [0.7.19-1] - Update to 0.7.19 - repo_add_conda: add flag to skip v2 packages - fix rare segfault in resolve_jobrules that could happen if new rules are learnt - fix error handling in solv_xfopen_fd - fix memory leaks [0.7.17-2] - Fix rpm dependency [0.7.17-1] - Update to 0.7.17 - selected bug fixes: ... oval:org.secpod.oval:def:2500388 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. oval:org.secpod.oval:def:89003100 This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_st ... oval:org.secpod.oval:def:89002991 This update for libsolv fixes the following issues: This is a reissue of an existing libsolv update that also included libsolv-devel for LTSS products. libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testc ... oval:org.secpod.oval:def:503242 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fix: * libsolv: NULL pointer dereference in function testcase_read * libsolv: NULL pointer dereference in function testcase_str2dep_complex * libsolv: illegal address access in pool ... oval:org.secpod.oval:def:205306 The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fix: * libsolv: NULL pointer dereference in function testcase_read * libsolv: NULL pointer dereference in function testcase_str2dep_complex * libsolv: illegal address access in pool ... oval:org.secpod.oval:def:1504540 createrepo_c [0.11.0-3] - Backport patch to switch off timestamps on documentation in order to remove file conflicts [0.11.0-2] - Consistently produce valid URLs by prepending protocol. - modifyrepo_c: Prevent doubling of compression - Correct pkg count in headers if there were invalid pkgs - A ... oval:org.secpod.oval:def:89003092 This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2de ... oval:org.secpod.oval:def:1700281 There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.Th ... |