{"schema_version":"1.7.2","id":"OESA-2021-1209","modified":"2021-06-07T11:02:56Z","published":"2021-06-07T11:02:56Z","upstream":["CVE-2021-3200"],"summary":"libsolv security update","details":"A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks:\n- Using a dictionary approach to store and retrieve package and dependency information.\n- Using satisfiability, a well known and researched topic, for resolving package dependencies.\r\n\r\nSecurity Fix(es):\r\n\r\nBuffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service(CVE-2021-3200)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"libsolv","purl":"pkg:rpm/openEuler/libsolv\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.7.14-2.oe1"}]}],"ecosystem_specific":{"aarch64":["libsolv-debuginfo-0.7.14-2.oe1.aarch64.rpm","libsolv-debugsource-0.7.14-2.oe1.aarch64.rpm","ruby-solv-0.7.14-2.oe1.aarch64.rpm","libsolv-devel-0.7.14-2.oe1.aarch64.rpm","perl-solv-0.7.14-2.oe1.aarch64.rpm","python3-solv-0.7.14-2.oe1.aarch64.rpm","libsolv-0.7.14-2.oe1.aarch64.rpm"],"noarch":["libsolv-help-0.7.14-2.oe1.noarch.rpm"],"src":["libsolv-0.7.14-2.oe1.src.rpm"],"x86_64":["libsolv-devel-0.7.14-2.oe1.x86_64.rpm","libsolv-debuginfo-0.7.14-2.oe1.x86_64.rpm","libsolv-0.7.14-2.oe1.x86_64.rpm","libsolv-debugsource-0.7.14-2.oe1.x86_64.rpm","perl-solv-0.7.14-2.oe1.x86_64.rpm","ruby-solv-0.7.14-2.oe1.x86_64.rpm","python3-solv-0.7.14-2.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1209"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3200"}],"database_specific":{"severity":"Medium"}}