Security update for libzypp, zypper
| Announcement ID: | SUSE-SU-2020:3367-1 |
|---|---|
| Rating: | moderate |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves one vulnerability and has two security fixes can now be installed.
Description:
This update for libzypp, zypper fixes the following issues:
libzypp fixes the following security issue:
- CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763).
zypper was updated to fix the following issues:
- Fixed an issue, where zypper crashed when the system language is set to Spanish and the user tried to patch their system with 'zypper patch --category security' (bsc#1178038)
- Fixed a typo in man page (bsc#1169947)
Special Instructions and Notes:
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE OpenStack Cloud 7
zypper in -t patch SUSE-OpenStack-Cloud-7-2020-3367=1 -
SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
zypper in -t patch SUSE-SLE-POS-12-SP2-CLIENT-2020-3367=1 -
SUSE Linux Enterprise Server for SAP Applications 12 SP2
zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3367=1 -
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-3367=1 -
SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-ESPOS-2020-3367=1 -
SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3367=1
Package List:
-
SUSE OpenStack Cloud 7 (x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE OpenStack Cloud 7 (noarch)
- zypper-log-1.13.57-18.46.3
-
SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (noarch)
- zypper-log-1.13.57-18.46.3
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE Linux Enterprise Server for SAP Applications 12 SP2 (noarch)
- zypper-log-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch)
- zypper-log-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (noarch)
- zypper-log-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (ppc64le s390x x86_64)
- libzypp-debugsource-16.21.2-27.70.1
- libzypp-debuginfo-16.21.2-27.70.1
- zypper-1.13.57-18.46.3
- zypper-debugsource-1.13.57-18.46.3
- libzypp-16.21.2-27.70.1
- libzypp-devel-16.21.2-27.70.1
- zypper-debuginfo-1.13.57-18.46.3
-
SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (noarch)
- zypper-log-1.13.57-18.46.3