Security Vulnerabilities fixed in libsolv RHSA-2019:2290

description-logoDescription

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fix(es): * libsolv: NULL pointer dereference in function testcase_read (CVE-2018-20532) * libsolv: NULL pointer dereference in function testcase_str2dep_complex (CVE-2018-20533) * libsolv: illegal address access in pool_whatprovides in src/pool.h (CVE-2018-20534) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

affected-products-logoAffected Applications

libsolv