Overview

File _patchinfo of Package patchinfo.16985

<patchinfo incident="16985">
  <issue tracker="bnc" id="1169947">man zypper: --issues should be --issue</issue>
  <issue tracker="bnc" id="1178038">zypper patch --category security crashes zypper on Spanish language server</issue>
  <issue tracker="bnc" id="1158763">VUL-0: CVE-2019-18900: libzypp: /var/lib/YaST2/cookies is world readable</issue>
  <issue tracker="cve" id="2019-18900"/>
  <packager>mlandres</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libzypp, zypper</summary>
  <description>This update for libzypp, zypper fixes the following issues:

libzypp fixes the following security issue:

- CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763).

zypper was updated to fix the following issues:

- Fixed an issue, where zypper crashed when the system language is set to Spanish and the user
  tried to patch their system with 'zypper patch --category security' (bsc#1178038)
- Fixed a typo in man page (bsc#1169947)

</description>
<zypp_restart_needed/>
</patchinfo>
openSUSE Build Service is sponsored by
Places