Endpoint Vulnerability

RHSA-2020:4508: libsolv security, bug fix, and enhancement update (Moderate)

Description

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. The following packages have been upgraded to a later upstream version: libsolv (0.7.11). (BZ#1809106) Security Fix(es): * libsolv: out-of-bounds read in repodata_schema2id in repodata.c (CVE-2019-20387) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

Affected Products

libsolv

References

CVE-2019-20387,