Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2019:2290 - Security Advisory
Issued:
2019-08-06
Updated:
2019-08-06

RHSA-2019:2290 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: libsolv security and bug fix update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsolv is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm.

Security Fix(es):

  • libsolv: NULL pointer dereference in function testcase_read (CVE-2018-20532)
  • libsolv: NULL pointer dereference in function testcase_str2dep_complex (CVE-2018-20533)
  • libsolv: illegal address access in pool_whatprovides in src/pool.h (CVE-2018-20534)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1665532 - CVE-2018-20532 libsolv: NULL pointer dereference in function testcase_read
  • BZ - 1665535 - CVE-2018-20533 libsolv: NULL pointer dereference in function testcase_str2dep_complex
  • BZ - 1665538 - CVE-2018-20534 libsolv: illegal address access in pool_whatprovides in src/pool.h
  • BZ - 1668256 - "dnf upgrade" reinstalls kernel packages reporting it cannot install best update candidate

CVEs

  • CVE-2018-20532
  • CVE-2018-20533
  • CVE-2018-20534

References

  • https://access.redhat.com/security/updates/classification/#low
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
x86_64
libsolv-0.6.34-4.el7.i686.rpm SHA-256: fe2e299eda025fce7b72a4b1ceb171c40f08aa09dab583a143c63bf31eff99fe
libsolv-0.6.34-4.el7.x86_64.rpm SHA-256: 899151c0bbf1421699bd21e2c4160cbc2f41fe412550f94c24fcf36429345359
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-demo-0.6.34-4.el7.x86_64.rpm SHA-256: c191b0c783dab2317a0d1afab0a735d25732c282cc5485a87a09f86b4d98075b
libsolv-devel-0.6.34-4.el7.i686.rpm SHA-256: 36395269ac70ef41c58bc77e02fba6ffb2dd1a08b4c3397de6f1ce46eb171f35
libsolv-devel-0.6.34-4.el7.x86_64.rpm SHA-256: 5d7467be30a3fd202116da86c3727d4b11b864c61232a6d027f961fd7a3edc6e
libsolv-tools-0.6.34-4.el7.i686.rpm SHA-256: ca65717ed8f35e995878703c49625277b5264ea0bb66b820493d99186a6ff9b0
libsolv-tools-0.6.34-4.el7.x86_64.rpm SHA-256: 30b6813f837d9a46f843033c4230391ea1b0d707ee6ea0fba79bb50bbe003b99
python2-solv-0.6.34-4.el7.x86_64.rpm SHA-256: 951ccd9807852c5ab17c20fd53a40ced26dbcc3540c6b8edccfd6a0b2b9434f5

Red Hat Enterprise Linux Workstation 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
x86_64
libsolv-0.6.34-4.el7.i686.rpm SHA-256: fe2e299eda025fce7b72a4b1ceb171c40f08aa09dab583a143c63bf31eff99fe
libsolv-0.6.34-4.el7.x86_64.rpm SHA-256: 899151c0bbf1421699bd21e2c4160cbc2f41fe412550f94c24fcf36429345359
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-demo-0.6.34-4.el7.x86_64.rpm SHA-256: c191b0c783dab2317a0d1afab0a735d25732c282cc5485a87a09f86b4d98075b
libsolv-devel-0.6.34-4.el7.i686.rpm SHA-256: 36395269ac70ef41c58bc77e02fba6ffb2dd1a08b4c3397de6f1ce46eb171f35
libsolv-devel-0.6.34-4.el7.x86_64.rpm SHA-256: 5d7467be30a3fd202116da86c3727d4b11b864c61232a6d027f961fd7a3edc6e
libsolv-tools-0.6.34-4.el7.i686.rpm SHA-256: ca65717ed8f35e995878703c49625277b5264ea0bb66b820493d99186a6ff9b0
libsolv-tools-0.6.34-4.el7.x86_64.rpm SHA-256: 30b6813f837d9a46f843033c4230391ea1b0d707ee6ea0fba79bb50bbe003b99
python2-solv-0.6.34-4.el7.x86_64.rpm SHA-256: 951ccd9807852c5ab17c20fd53a40ced26dbcc3540c6b8edccfd6a0b2b9434f5

Red Hat Enterprise Linux Desktop 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
x86_64
libsolv-0.6.34-4.el7.i686.rpm SHA-256: fe2e299eda025fce7b72a4b1ceb171c40f08aa09dab583a143c63bf31eff99fe
libsolv-0.6.34-4.el7.x86_64.rpm SHA-256: 899151c0bbf1421699bd21e2c4160cbc2f41fe412550f94c24fcf36429345359
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-demo-0.6.34-4.el7.x86_64.rpm SHA-256: c191b0c783dab2317a0d1afab0a735d25732c282cc5485a87a09f86b4d98075b
libsolv-devel-0.6.34-4.el7.i686.rpm SHA-256: 36395269ac70ef41c58bc77e02fba6ffb2dd1a08b4c3397de6f1ce46eb171f35
libsolv-devel-0.6.34-4.el7.x86_64.rpm SHA-256: 5d7467be30a3fd202116da86c3727d4b11b864c61232a6d027f961fd7a3edc6e
libsolv-tools-0.6.34-4.el7.i686.rpm SHA-256: ca65717ed8f35e995878703c49625277b5264ea0bb66b820493d99186a6ff9b0
libsolv-tools-0.6.34-4.el7.x86_64.rpm SHA-256: 30b6813f837d9a46f843033c4230391ea1b0d707ee6ea0fba79bb50bbe003b99
python2-solv-0.6.34-4.el7.x86_64.rpm SHA-256: 951ccd9807852c5ab17c20fd53a40ced26dbcc3540c6b8edccfd6a0b2b9434f5

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
s390x
libsolv-0.6.34-4.el7.s390.rpm SHA-256: 2743ab6b10eabe6cf2b15d37278aa751c787e09b4886821455082a8a76cafeb7
libsolv-0.6.34-4.el7.s390x.rpm SHA-256: 38aa3b67dbd1a774d1816191770321b05398e1c24ece03ff9eeec0b210a6e3ef
libsolv-debuginfo-0.6.34-4.el7.s390.rpm SHA-256: 773c0d23069ae44958494d689849cc5c5b102300f0ec212f8a76f5c1652aad59
libsolv-debuginfo-0.6.34-4.el7.s390.rpm SHA-256: 773c0d23069ae44958494d689849cc5c5b102300f0ec212f8a76f5c1652aad59
libsolv-debuginfo-0.6.34-4.el7.s390x.rpm SHA-256: 93c7dc34351a860ee779264a081a2f95181582b06b1c307a690d2b01bf3b6ce2
libsolv-debuginfo-0.6.34-4.el7.s390x.rpm SHA-256: 93c7dc34351a860ee779264a081a2f95181582b06b1c307a690d2b01bf3b6ce2
libsolv-demo-0.6.34-4.el7.s390x.rpm SHA-256: 618eb9ee9cd5f94266c7c9c6471de11d4fb03a71d3cc8dbd6bf2321e197c858d
libsolv-devel-0.6.34-4.el7.s390.rpm SHA-256: 2aefec4987967c93e80e6ab039aa6e1fdbebe42032e5398d971e2b2339fc826c
libsolv-devel-0.6.34-4.el7.s390x.rpm SHA-256: e340a8ab1b3bd964eb24632a7b6a54e5c4009acec947ceada58dafa7f31088e3
libsolv-tools-0.6.34-4.el7.s390.rpm SHA-256: 4df0a5921fc87da9eb3b00bf1e17879e9d2092b3b3a485717b353ff38e329ad6
libsolv-tools-0.6.34-4.el7.s390x.rpm SHA-256: 10bb5b64e9bd4109cc55536f0c695cb6c935f47b29f2e569a8535ada07ca1fa0
python2-solv-0.6.34-4.el7.s390x.rpm SHA-256: f940324180501fc7da2404aed65b4498e7b977c625e5f5f9356222844e4e2a5c

Red Hat Enterprise Linux for Power, big endian 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
ppc64
libsolv-0.6.34-4.el7.ppc.rpm SHA-256: 1ce46528d9ad8e5fe476b3302d9f9f347aaa6ca3e813caa8fe77d68eed6bc10b
libsolv-0.6.34-4.el7.ppc64.rpm SHA-256: 76d43145cb3e77c337cb7dec9bf359864b076679baba1249a682e2c9f007a9d0
libsolv-debuginfo-0.6.34-4.el7.ppc.rpm SHA-256: 36c37ccec2fe972045c454bbe55ab6470538e251e2e55fc593dedb6e788213f7
libsolv-debuginfo-0.6.34-4.el7.ppc.rpm SHA-256: 36c37ccec2fe972045c454bbe55ab6470538e251e2e55fc593dedb6e788213f7
libsolv-debuginfo-0.6.34-4.el7.ppc64.rpm SHA-256: 6f3bec894287df78c5f97dd7dfec78fffd209a47fbd7b76edf8990acbf4e7b2e
libsolv-debuginfo-0.6.34-4.el7.ppc64.rpm SHA-256: 6f3bec894287df78c5f97dd7dfec78fffd209a47fbd7b76edf8990acbf4e7b2e
libsolv-demo-0.6.34-4.el7.ppc64.rpm SHA-256: 812558b48c7b68296033797d587615522f780bec36fd84e7e9973e0fe4553154
libsolv-devel-0.6.34-4.el7.ppc.rpm SHA-256: d74e5f84fb91a998b965d688b1f1b1f7e942991c17a96220917cbd9e981bd24d
libsolv-devel-0.6.34-4.el7.ppc64.rpm SHA-256: 61180871491f58e42565eb7eba9b2557e6d00a99b4abd1269069c3c0489acd13
libsolv-tools-0.6.34-4.el7.ppc.rpm SHA-256: aada9b2550bdafeb71054f7f1768faa05bd47145df38c98ba8ed4281c97a0f04
libsolv-tools-0.6.34-4.el7.ppc64.rpm SHA-256: 1253f08308207e8ad6bc501ff14462216287409013019c6b2c56bd7bab0b360f
python2-solv-0.6.34-4.el7.ppc64.rpm SHA-256: 23b9cd1bf7c4919a77bf399037bbdc0428bad95fb2fd858a0f2ed21a1d6195b5

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
x86_64
libsolv-0.6.34-4.el7.i686.rpm SHA-256: fe2e299eda025fce7b72a4b1ceb171c40f08aa09dab583a143c63bf31eff99fe
libsolv-0.6.34-4.el7.x86_64.rpm SHA-256: 899151c0bbf1421699bd21e2c4160cbc2f41fe412550f94c24fcf36429345359
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.i686.rpm SHA-256: 40494f74e3dab732adbcd9720cf89a1847d68df8bab2c62b105335ea62e17b9e
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-debuginfo-0.6.34-4.el7.x86_64.rpm SHA-256: 1d46f91a7247fbb1f09a3645e7df5a910c4cd756b03f9b137fbc0834de3bf137
libsolv-demo-0.6.34-4.el7.x86_64.rpm SHA-256: c191b0c783dab2317a0d1afab0a735d25732c282cc5485a87a09f86b4d98075b
libsolv-devel-0.6.34-4.el7.i686.rpm SHA-256: 36395269ac70ef41c58bc77e02fba6ffb2dd1a08b4c3397de6f1ce46eb171f35
libsolv-devel-0.6.34-4.el7.x86_64.rpm SHA-256: 5d7467be30a3fd202116da86c3727d4b11b864c61232a6d027f961fd7a3edc6e
libsolv-tools-0.6.34-4.el7.i686.rpm SHA-256: ca65717ed8f35e995878703c49625277b5264ea0bb66b820493d99186a6ff9b0
libsolv-tools-0.6.34-4.el7.x86_64.rpm SHA-256: 30b6813f837d9a46f843033c4230391ea1b0d707ee6ea0fba79bb50bbe003b99
python2-solv-0.6.34-4.el7.x86_64.rpm SHA-256: 951ccd9807852c5ab17c20fd53a40ced26dbcc3540c6b8edccfd6a0b2b9434f5

Red Hat Enterprise Linux for Power, little endian 7

SRPM
libsolv-0.6.34-4.el7.src.rpm SHA-256: 895aaf388527aef12901fc1de061f0fdec19711de4625158b6876c598539ca67
ppc64le
libsolv-0.6.34-4.el7.ppc64le.rpm SHA-256: d9dcede49a0639119f5672e79b2aac7e3b26141edc46815b47bb0eb48c88fe1d
libsolv-debuginfo-0.6.34-4.el7.ppc64le.rpm SHA-256: 94a3c6cb82f6e9938a542c6e466f65d1dea92e6e6bb0c6108170f98e45f77d5b
libsolv-debuginfo-0.6.34-4.el7.ppc64le.rpm SHA-256: 94a3c6cb82f6e9938a542c6e466f65d1dea92e6e6bb0c6108170f98e45f77d5b
libsolv-demo-0.6.34-4.el7.ppc64le.rpm SHA-256: 3f9de6ce78fd0c93fcacc7695cde260136d86a57a3738526049e373ffb24507e
libsolv-devel-0.6.34-4.el7.ppc64le.rpm SHA-256: 0d5179e3f4ec2b3644312c64a299f5643b956d64bd78a1db548c8c22b9d54b91
libsolv-tools-0.6.34-4.el7.ppc64le.rpm SHA-256: cdc9e78552892190b51e8abcaaabc394ea033cd1b19b2250687eaf109ad4ff0f
python2-solv-0.6.34-4.el7.ppc64le.rpm SHA-256: 41791d16ec71984403b4a987c53d1931bb7abca4268677cd6977eb4ab329ebe0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter