Detections
Analytics
SUSE SLED15: libsolv-demo / libsolv-devel / libsolv-tools / libzypp / etc (SUSE-SU-2022:1157-1)
high Nessus Plugin ID 159705
Language:
Synopsis
The remote SUSE host is missing a security update.Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1157-1 advisory.Security relevant fix:
- Harden package signature checks (bsc#1184501).
libsolv update to 0.7.22:
- reworked choice rule generation to cover more usecases
- support SOLVABLE_PREREQ_IGNOREINST in the ordering code (bsc#1196514)
- support parsing of Debian's Multi-Arch indicator
- fix segfault on conflict resolution when using bindings
- fix split provides not working if the update includes a forbidden vendor change
- support strict repository priorities new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY
- support zstd compressed control files in debian packages
- add an ifdef allowing to rename Solvable dependency members ('requires' is a keyword in C++20)
- support setting/reading userdata in solv files new functions: repowriter_set_userdata, solv_read_userdata
- support queying of the custom vendor check function new function: pool_get_custom_vendorcheck
- support solv files with an idarray block
- allow accessing the toolversion at runtime
libzypp update to 17.30.0:
- ZConfig: Update solver settings if target changes (bsc#1196368)
- Fix possible hang in singletrans mode (bsc#1197134)
- Do 2 retries if mount is still busy.
- Fix package signature check (bsc#1184501) Pay attention that header and payload are secured by a valid signature and report more detailed which signature is missing.
- Retry umount if device is busy (bsc#1196061, closes #381) A previously released ISO image may need a bit more time to release it's loop device. So we wait a bit and retry.
- Fix serializing/deserializing type mismatch in zypp-rpm protocol (bsc#1196925)
- Fix handling of ISO media in releaseAll (bsc#1196061)
- Hint on common ptf resolver conflicts (bsc#1194848)
- Hint on ptf<>patch resolver conflicts (bsc#1194848)
zypper update to 1.14.52:
- info: print the packages upstream URL if available (fixes #426)
- info: Fix SEGV with not installed PTFs (bsc#1196317)
- Don't prevent less restrictive umasks (bsc#1195999)
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1184501
https://bugzilla.suse.com/1194848
https://bugzilla.suse.com/1195999
https://bugzilla.suse.com/1196061
https://bugzilla.suse.com/1196317
https://bugzilla.suse.com/1196368
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196925
Plugin Details
Severity: High
ID: 159705
File Name: suse_SU-2022-1157-1.nasl
Version: 1.8
Type: Local
Agent: unix
Family: SuSE Local Security Checks
Published: 4/13/2022
Updated: 6/26/2026
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:zypper, p-cpe:/a:novell:suse_linux:libsolv-devel, p-cpe:/a:novell:suse_linux:zypper-log, p-cpe:/a:novell:suse_linux:perl-solv, p-cpe:/a:novell:suse_linux:libzypp, p-cpe:/a:novell:suse_linux:libsolv-tools, p-cpe:/a:novell:suse_linux:zypper-needs-restarting, p-cpe:/a:novell:suse_linux:ruby-solv, p-cpe:/a:novell:suse_linux:python3-solv, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:libzypp-devel
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 4/12/2022
Vulnerability Publication Date: 4/12/2022
Reference Information
SuSE: SUSE-SU-2022:1157-1