libsolv: illegal address access in pool_whatprovides in src/pool.h

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application...

Libsolv Illegal Address Access Vulnerability

Libsolv is a free package management library. An illegal address access vulnerability exists in the poolwhatprovides function in src/pool.h in libsolv.a in libsolv 0.7.2 and earlier. An attacker can exploit this vulnerability to cause a denial of service...