Name of the Vulnerable Software and Affected Versions libsolv versions prior to 0.7.22 libzypp versions prior to 17.30.0 zypper versions prior to 1.14.52

Description The issue is related to package signature checks. A security relevant fix has been applied to harden these checks. The updates for libsolv, libzypp, and zypper also include various other fixes and improvements, such as reworked choice rule generation, support for strict repository priorities, and fixes for potential hangs and segfaults.

Recommendations For libsolv versions prior to 0.7.22, update to version 0.7.22 or later. For libzypp versions prior to 17.30.0, update to version 17.30.0 or later. For zypper versions prior to 1.14.52, update to version 1.14.52 or later.