ALSA-2021:4408

[ALSA-2021:4408] Low: libsolv security and bug fix update

Type:

security

Severity:

low

Release date:

2021-11-12

Description:

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm.

Security Fix(es):

* libsolv: heap-based buffer overflow in testcase_read() in src/testcase.c (CVE-2021-3200)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

CVE-2021-3200

Updated packages listed below:

Architecture	Package	Checksum
i686	libsolv-devel-0.7.19-1.el8.i686.rpm	791af36b2326ed3691dfd5826777d7212c7f6a3f145b56db41cd180488135fd5
x86_64	libsolv-devel-0.7.19-1.el8.x86_64.rpm	e1ab2e15d3772e0cbe873fb243a08e855aa6fd4d884f2cd12227bcd8667d224b
x86_64	libsolv-tools-0.7.19-1.el8.x86_64.rpm	ed73fa2ecd6aaa8e3ee2db9ffd825e2dfe604791d9c4d676cda59162d6c986e2

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.