Security update for libsolv, libzypp
| Announcement ID: | SUSE-SU-2022:1128-1 |
|---|---|
| Rating: | important |
| References: | |
| Affected Products: |
|
An update that has four security fixes can now be installed.
Description:
This update for libsolv, libzypp fixes the following issues:
libsolv to 0.6.39:
- fix memory leaks in SWIG generated code
- fix misparsing of '&' in attributes with libxml2
- try to keep packages from a cycle close togther in the transaction order (bsc#1189622)
- fix split provides not working if the update includes a forbidden vendor change (bsc#1195485)
- fix segfault on conflict resolution when using bindings
- do not replace noarch problem rules with arch dependent ones in problem reporting
- fix and simplify pool_vendor2mask implementation
- bump version to 0.6.39
libzypp to 16.22.4:
- Hint on ptf resolver conflicts (bsc#1194848)
- Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing.
- Set ZYPP_RPM_DEBUG=1 to capture verbose rpm command output.
Special Instructions and Notes:
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1128=1
Package List:
-
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
- perl-solv-debuginfo-0.6.39-2.27.32.2
- libzypp-debuginfo-16.22.4-27.85.2
- libsolv-tools-0.6.39-2.27.32.2
- libzypp-debugsource-16.22.4-27.85.2
- libsolv-tools-debuginfo-0.6.39-2.27.32.2
- libzypp-16.22.4-27.85.2
- libzypp-devel-16.22.4-27.85.2
- python-solv-0.6.39-2.27.32.2
- libsolv-devel-0.6.39-2.27.32.2
- perl-solv-0.6.39-2.27.32.2
- python-solv-debuginfo-0.6.39-2.27.32.2
- libsolv-debugsource-0.6.39-2.27.32.2