X85Cqnzx8A

**Name of the Vulnerable Software and Affected Versions** libzypp versions prior to 20170803 **Description** The issue allows an attacker to retrieve unsigned packages without warning the user, which could lead to a man-in-the-middle attack or malicious servers injecting malicious RPM packages into a user's system. **Recommendations** For versions prior to 20170803, update to a version newer than 20170803 to resolve the issue.