Mageia 2019-0154: libsolv security update
Summary
It was discovered that libsolv incorrectly handled certain malformed
input. If a user or automated system were tricked into opening a specially
crafted file, applications that rely on libsolv could be made to crash,
resulting in a denial of service (CVE-2018-2053[2-4]).
References
- https://bugs.mageia.org/show_bug.cgi?id=24563
- https://ubuntu.com/security/notices/USN-3916-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2052
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2053
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2054
Resolution
MGASA-2019-0154 - Updated libsolv packages fix security vulnerability
SRPMS
- 6/core/libsolv-0.6.30-1.1.mga6
![Dist Mageia](/images/distros/dist-mageia.jpg)