An update for libsolv is now available for openEuler-20.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2021-1209 Final 1.0 1.0 2021-06-07 Initial 2021-06-07 2021-06-07 openEuler SA Tool V1.0 2021-06-07 libsolv security update An update for libsolv is now available for openEuler-20.03-LTS-SP1. A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: - Using a dictionary approach to store and retrieve package and dependency information. - Using satisfiability, a well known and researched topic, for resolving package dependencies. Security Fix(es): Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service(CVE-2021-3200) An update for libsolv is now available for openEuler-20.03-LTS-SP1. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium libsolv https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1209 https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-3200 https://nvd.nist.gov/vuln/detail/CVE-2021-3200 openEuler-20.03-LTS-SP1 libsolv-debuginfo-0.7.14-2.oe1.aarch64.rpm libsolv-debugsource-0.7.14-2.oe1.aarch64.rpm ruby-solv-0.7.14-2.oe1.aarch64.rpm libsolv-devel-0.7.14-2.oe1.aarch64.rpm perl-solv-0.7.14-2.oe1.aarch64.rpm python3-solv-0.7.14-2.oe1.aarch64.rpm libsolv-0.7.14-2.oe1.aarch64.rpm libsolv-help-0.7.14-2.oe1.noarch.rpm libsolv-0.7.14-2.oe1.src.rpm libsolv-devel-0.7.14-2.oe1.x86_64.rpm libsolv-debuginfo-0.7.14-2.oe1.x86_64.rpm libsolv-0.7.14-2.oe1.x86_64.rpm libsolv-debugsource-0.7.14-2.oe1.x86_64.rpm perl-solv-0.7.14-2.oe1.x86_64.rpm ruby-solv-0.7.14-2.oe1.x86_64.rpm python3-solv-0.7.14-2.oe1.x86_64.rpm Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service 2021-06-07 CVE-2021-3200 openEuler-20.03-LTS-SP1 Medium 6.5 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H libsolv security update 2021-06-07 https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1209