There is a NULL pointer dereference at ext/testcase.c (function testcasestr2depcomplex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolv-perl" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolv-tools" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolv0" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolv0-dev" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolvext0" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "libsolvext0-dev" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "python-solv" }, { "binary_version": "0.6.11-1.1ubuntu0.1~esm1", "binary_name": "python3-solv" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolv-perl" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolv-tools" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolv0" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolv0-dev" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolvext0" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "libsolvext0-dev" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "python-solv" }, { "binary_version": "0.6.30-1ubuntu0.1~esm1", "binary_name": "python3-solv" } ] }