Scientific Linux Security Update : libsolv on SL7.x x86_64 (20190806)

Security Fixes : - libsolv: NULL pointer dereference in function testcaseread CVE-2018-20532 - libsolv: NULL pointer dereference in function testcasestr2depcomplex CVE-2018-20533 - libsolv: illegal address access in poolwhatprovides in src/pool.h CVE-2018-20534 C Tenable Network Security, Inc. Th...

openSUSE Security Update : zypper / libzypp and libsolv (openSUSE-2019-1927)

This update for libzypp and libsolv fixes the following issues : Security issues fixed : - CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c function testcaseread bsc1120629. - CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in...

openSUSE: Security Advisory for zypper, libzypp and libsolv (openSUSE-SU-2019:1927-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for zypper, libzypp and libsolv (moderate)

openSUSE Security Update: Security update for zypper, libzypp and libsolv Announcement ID: openSUSE-SU-2019:1927-1 Rating: moderate References: 1047962 1049826 1053177 1065022 1099019 1102261 1110542 1111319 1112911 1113296 1114908 1115341 1116840 1118758 1119373 1119820 1119873 1120263 1120463...

libsolv security and bug fix update

0.6.34-4 - Polish the changelog 0.6.34-3 - Make sure that targeted updates dont do reinstalls - Resolves: bug1668256 - Fix NULL pointer dereference CVE-2018-20532, CVE-2018-20533 - Resolves: bug1669562 - Resolves: bug1669576 - Fix illegal address access in poolwhatprovides CVE-2018-20534 -...

RHEL 7 : libsolv (RHSA-2019:2290)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2290 advisory. The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv: NULL...

SUSE SLED15 / SLES15 Security Update : zypper, libzypp / libsolv (SUSE-SU-2019:2030-1)

This update for libzypp and libsolv fixes the following issues : Security issues fixed : CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c function testcaseread bsc1120629. CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in...

Denial Of Service (DoS)

libsolv is vulnerable to denial of service DoS. The attack is due to NULL pointer dereference in function testcaseread...

Low: Red Hat Security Advisory: libsolv security and bug fix update

An update for libsolv is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

libsolv: NULL pointer dereference in function testcase_str2dep_complex

There is a NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

libsolv: NULL pointer dereference in function testcase_read

There is a NULL pointer dereference at ext/testcase.c function testcaseread in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

libsolv: illegal address access in pool_whatprovides in src/pool.h

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application...

SUSE-SU-2019:2030-1 Security update for zypper, libzypp and libsolv

This update for libzypp and libsolv fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c function testcaseread bsc1120629. - CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in...

SUSE SLED12 / SLES12 Security Update : libsolv, libzypp, zypper (SUSE-SU-2019:1972-1)

This update for libsolv, libzypp and zypper fixes the following issues : libsolv was updated to version 0.6.36 fixes the following issues : Security issues fixed : CVE-2018-20532: Fixed a NULL pointer dereference in testcaseread bsc1120629. CVE-2018-20533: Fixed a NULL pointer dereference in...

SUSE-SU-2019:1972-1 Security update for libsolv, libzypp, zypper

This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcaseread bsc1120629. - CVE-2018-20533: Fixed a NULL pointer dereference in...

EulerOS 2.0 SP8 : libsolv (EulerOS-SA-2019-1652)

According to the versions of the libsolv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third...

Updated libsolv packages fix security vulnerability

It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service CVE-2018-20532-4...

MGASA-2019-0154 Updated libsolv packages fix security vulnerability

It was discovered that libsolv incorrectly handled certain malformed input. If a user or automated system were tricked into opening a specially crafted file, applications that rely on libsolv could be made to crash, resulting in a denial of service CVE-2018-20532-4...

Ubuntu: Security Advisory (USN-3916-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libzypp / zypper (openSUSE-2019-685)

This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp : - Update to...