--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-f8921a3891
2022-03-01 15:04:45.963215
--------------------------------------------------------------------------------
Name : libsolv
Product : Fedora 35
Version : 0.7.21
Release : 1.fc35
URL :
https://github.com/openSUSE/libsolv
Summary : Package dependency solver
Description :
A free package dependency solver using a satisfiability algorithm. The
library is based on two major, but independent, blocks:
- Using a dictionary approach to store and retrieve package
and dependency information.
- Using satisfiability, a well known and researched topic, for
resolving package dependencies.
--------------------------------------------------------------------------------
Update Information:
Update to 0.7.21 (Linked CVEs should not affect even current version��� but as
somebody opened bunch of bugs���)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 25 2022 Igor Raits <igor.raits(a)gmail.com> 0.7.21-1
- Update to 0.7.21
* Thu Jan 27 2022 V��t Ondruch <vondruch(a)redhat.com> 0.7.20-3
- Rebuilt for
https://fedoraproject.org/wiki/Changes/Ruby_3.1
* Thu Jan 20 2022 Fedora Release Engineering <releng(a)fedoraproject.org> 0.7.20-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Oct 1 2021 Igor Raits <ignatenkobrain(a)fedoraproject.org> 0.7.20-1
- Update to 0.7.20
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1878273 - libsolv-0.7.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1878273
[ 2 ] Bug #2056776 - CVE-2021-44573 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056776
[ 3 ] Bug #2056778 - CVE-2021-44574 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056778
[ 4 ] Bug #2056781 - CVE-2021-44575 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056781
[ 5 ] Bug #2056784 - CVE-2021-44576 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056784
[ 6 ] Bug #2056785 - CVE-2021-44577 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056785
[ 7 ] Bug #2056793 - CVE-2021-44569 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056793
[ 8 ] Bug #2056795 - CVE-2021-44571 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056795
[ 9 ] Bug #2056796 - CVE-2021-44570 libsolv: Heap overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2056796
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-f8921a3891' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------