Synopsis: Low: libsolv security and bug fix update

Advisory ID:       SLSA-2019:2290-1

Issue Date:        2019-08-06

CVE Numbers:       CVE-2018-20534

                   CVE-2018-20532

                   CVE-2018-20533

--



Security Fix(es):



* libsolv: NULL pointer dereference in function testcase_read

(CVE-2018-20532)



* libsolv: NULL pointer dereference in function testcase_str2dep_complex

(CVE-2018-20533)



* libsolv: illegal address access in pool_whatprovides in src/pool.h

(CVE-2018-20534)

--



SL7

  x86_64

    libsolv-0.6.34-4.el7.x86_64.rpm

    libsolv-0.6.34-4.el7.i686.rpm

    libsolv-devel-0.6.34-4.el7.i686.rpm

    libsolv-tools-0.6.34-4.el7.x86_64.rpm

    libsolv-demo-0.6.34-4.el7.x86_64.rpm

    python2-solv-0.6.34-4.el7.x86_64.rpm

    libsolv-devel-0.6.34-4.el7.x86_64.rpm

    libsolv-tools-0.6.34-4.el7.i686.rpm

    libsolv-debuginfo-0.6.34-4.el7.i686.rpm

    libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm



- Scientific Linux Development Team