[SECURITY] Fedora 35 Update: libsolv-0.7.21-1.fc35

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-f8921a3891 2022-03-01 15:04:45.963215 -------------------------------------------------------------------------------- Name : libsolv Product : Fedora 35 Version : 0.7.21 Release : 1.fc35 URL : https://github.com/openSUSE/libsolv Summary : Package dependency solver Description : A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: - Using a dictionary approach to store and retrieve package and dependency information. - Using satisfiability, a well known and researched topic, for resolving package dependencies. -------------------------------------------------------------------------------- Update Information: Update to 0.7.21 (Linked CVEs should not affect even current version��� but as somebody opened bunch of bugs���) -------------------------------------------------------------------------------- ChangeLog: * Fri Feb 25 2022 Igor Raits <igor.raits(a)gmail.com&gt; 0.7.21-1 - Update to 0.7.21 * Thu Jan 27 2022 V��t Ondruch <vondruch(a)redhat.com&gt; 0.7.20-3 - Rebuilt for https://fedoraproject.org/wiki/Changes/Ruby_3.1 * Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org&gt; 0.7.20-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Oct 1 2021 Igor Raits <ignatenkobrain(a)fedoraproject.org&gt; 0.7.20-1 - Update to 0.7.20 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1878273 - libsolv-0.7.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1878273 [ 2 ] Bug #2056776 - CVE-2021-44573 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056776 [ 3 ] Bug #2056778 - CVE-2021-44574 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056778 [ 4 ] Bug #2056781 - CVE-2021-44575 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056781 [ 5 ] Bug #2056784 - CVE-2021-44576 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056784 [ 6 ] Bug #2056785 - CVE-2021-44577 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056785 [ 7 ] Bug #2056793 - CVE-2021-44569 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056793 [ 8 ] Bug #2056795 - CVE-2021-44571 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056795 [ 9 ] Bug #2056796 - CVE-2021-44570 libsolv: Heap overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056796 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-f8921a3891' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------