Recommended update for libzypp, zypper, PackageKit
Vulnerability ID: SUSE-RU-2024:1202-1
Installed Version: 1.14.51-24.1
Fixed Version: 1.14.69-150200.73.7
This update for libzypp, zypper, PackageKit fixes the following issues:
- Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544)
- Add resolver option 'removeOrphaned' for distupgrade (bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- Add default stripe minimum
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config
- version 17.32.0
- ProblemSolution::skipsPatchesOnly overload to handout the patches
- Show active dry-run/download-only at the commit propmpt
- Add --skip-not-applicable-patches option
- Fix printing detailed solver problem description
- Fix bash-completion to work with right adjusted numbers in the 1st column too
- Set libzypp shutdown request signal on Ctrl+C
- In the detailed view show all baseurls not just the first one (bsc#1218171)