openSUSE Security Update : libzypp / zypper (openSUSE-2017-1009)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Software Update Stack was updated to receive fixes and

libzypp :

- Adapt to work with GnuPG 2.1.23. (bsc#1054088)

- Support signing with subkeys. (bsc#1008325)

- Enhance sort order for media.1/products. (bsc#1054671)

zypper :

- Also show a gpg key's subkeys. (bsc#1008325)

- Improve signature check callback messages. (bsc#1045735)

- Add options to tune the GPG check settings.

- Adapt download callback to report and handle unsigned
packages. (bsc#1038984, CVE-2017-7436)

- Report missing/optional files as 'not found' rather than
'error'. (bsc#1047785)

This update was imported from the SUSE:SLE-12-SP3:Update update

See also :

Solution :

Update the affected libzypp / zypper packages.

Risk factor :


Family: SuSE Local Security Checks

Nessus Plugin ID: 102965 ()

Bugtraq ID:

CVE ID: CVE-2017-7436

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now