ALT Vulnerability

Иван Пепеляев 2024-01-23 12:02:37 +00:00
parent 800b9e4efc
commit 06e502666a
32 changed files with 4011 additions and 0 deletions

@ -0,0 +1,235 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241095",
"Version": "oval:org.altlinux.errata:def:20241095",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1095: package `vim` update to version 9.0.2136-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1095",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1095",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-08297",
"RefURL": "https://bdu.fstec.ru/vul/2023-08297",
"Source": "BDU"
},
{
"RefID": "CVE-2023-48231",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48231",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48232",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48232",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48233",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48233",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48234",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48234",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48235",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48235",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48236",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48236",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48237",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48237",
"Source": "CVE"
},
{
"RefID": "CVE-2023-48706",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48706",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 9.0.2136-alt1. \nSecurity Fix(es):\n\n * BDU:2023-08297: Уязвимость текстового редактора vim, связанная с использованием памяти после её освобождения, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-48231: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48232: Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the 'cpo' setting includes the 'n' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48233: Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48234: Vim is an open source command line text editor. 
When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48235: Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an\noverflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48236: Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger\nthan MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-48237: Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. 
There are no known workarounds for this vulnerability.\n\n * CVE-2023-48706: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-22"
},
"Updated": {
"Date": "2024-01-22"
},
"bdu": [
{
"Cvss": "AV:L/AC:H/Au:N/C:N/I:P/A:P",
"Cvss3": "AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L",
"Cwe": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-08297",
"Impact": "Low",
"Public": "20231122",
"CveID": "BDU:2023-08297"
}
],
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48231",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48231"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-755",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48232",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48232"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48233",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48233"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48234",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48234"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48235",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48235"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48236",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48236"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"Cwe": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48237",
"Impact": "Low",
"Public": "20231116",
"CveID": "CVE-2023-48237"
},
{
"Cvss3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"Cwe": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48706",
"Impact": "Low",
"Public": "20231122",
"CveID": "CVE-2023-48706"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241095001",
"Comment": "rpm-build-vim is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095002",
"Comment": "vim-X11 is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095003",
"Comment": "vim-X11-gnome2 is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095004",
"Comment": "vim-X11-gtk2 is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095005",
"Comment": "vim-X11-gtk3 is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095006",
"Comment": "vim-common is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095007",
"Comment": "vim-console is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095008",
"Comment": "vim-enhanced is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095009",
"Comment": "vim-minimal is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095010",
"Comment": "vim-spell-source is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095011",
"Comment": "vimtutor is earlier than 4:9.0.2136-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241095012",
"Comment": "xxd is earlier than 4:9.0.2136-alt1"
}
]
}
]
}
}
]
}
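Review bot: "Version" at the top of the definition repeats the ID string ("oval:org.altlinux.errata:def:20241095") instead of carrying a version number, while the objects, states and tests added in this commit all use "Version": "1". If this JSON is mapped onto OVAL's version attribute, which is a non-negative integer, a consumer that parses the field as a number will reject it. Suggest emitting "Version": "1" here as well. Two smaller consistency points in the Advisory block: the "bdu" entry gives Cvss3 as "AV:L/AC:H/PR:N/..." without the "CVSS:3.1/" prefix that every "Cves" entry carries, and "Rights" says "Copyright 2023" although "Issued" is 2024-01-22.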

@ -0,0 +1,100 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241095001",
"Version": "1",
"comment": "rpm-build-vim is installed",
"Name": "rpm-build-vim"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095002",
"Version": "1",
"comment": "vim-X11 is installed",
"Name": "vim-X11"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095003",
"Version": "1",
"comment": "vim-X11-gnome2 is installed",
"Name": "vim-X11-gnome2"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095004",
"Version": "1",
"comment": "vim-X11-gtk2 is installed",
"Name": "vim-X11-gtk2"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095005",
"Version": "1",
"comment": "vim-X11-gtk3 is installed",
"Name": "vim-X11-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095006",
"Version": "1",
"comment": "vim-common is installed",
"Name": "vim-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095007",
"Version": "1",
"comment": "vim-console is installed",
"Name": "vim-console"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095008",
"Version": "1",
"comment": "vim-enhanced is installed",
"Name": "vim-enhanced"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095009",
"Version": "1",
"comment": "vim-minimal is installed",
"Name": "vim-minimal"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095010",
"Version": "1",
"comment": "vim-spell-source is installed",
"Name": "vim-spell-source"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095011",
"Version": "1",
"comment": "vimtutor is installed",
"Name": "vimtutor"
},
{
"ID": "oval:org.altlinux.errata:obj:20241095012",
"Version": "1",
"comment": "xxd is installed",
"Name": "xxd"
}
]
}
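Review bot: in obj:4001 the "Filepath" entity holds only "os-release" next to a "Path" of "/etc". In an OVAL textfilecontent54 object, filepath is the full path and is an alternative to the path plus filename pair, so as written the object names a file called "os-release" with no directory. Suggest either renaming the key to "Filename" or dropping "Path" and setting "Filepath" to "/etc/os-release", which is what the comment says is evaluated. Also in this hunk, "Path" uses the key "dataType" while "Filepath", "Pattern" and "Instance" use "Datatype", and the objects use lowercase "comment" where the states and tests use "Comment"; a case-sensitive reader will silently drop one of the spellings.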

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241095001",
"Version": "1",
"Comment": "package EVR is earlier than 4:9.0.2136-alt1",
"Arch": {},
"Evr": {
"Text": "4:9.0.2136-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
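Review bot: ste:4001 contains only an empty "Text": {} and no "Comment", so it places no constraint on what obj:4001 collects. The object's pattern captures the release number with (\d+), but nothing here compares that capture with a value, which means the platform test is satisfied by any ALT SP server or workstation CPE string regardless of version. If the intent is to gate on release 10 (the AffectedCpeList entries end in ":10"), add a "Subexpression" with an equals operation on "10" to this state and give it a Comment that describes the check.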

@ -0,0 +1,162 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241095001",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vim is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095002",
"Version": "1",
"Check": "all",
"Comment": "vim-X11 is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095003",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gnome2 is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095004",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk2 is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095005",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk3 is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095006",
"Version": "1",
"Check": "all",
"Comment": "vim-common is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095007",
"Version": "1",
"Check": "all",
"Comment": "vim-console is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095008",
"Version": "1",
"Check": "all",
"Comment": "vim-enhanced is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095009",
"Version": "1",
"Check": "all",
"Comment": "vim-minimal is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095010",
"Version": "1",
"Check": "all",
"Comment": "vim-spell-source is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095011",
"Version": "1",
"Check": "all",
"Comment": "vimtutor is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241095012",
"Version": "1",
"Check": "all",
"Comment": "xxd is earlier than 4:9.0.2136-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241095012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241095001"
}
}
]
}
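Review bot: the Comment on tst:4001 says "ALT Linux based on branch 'c10f1' must be installed", while the criterion that references the same test in the definition says only "ALT Linux must be installed", and neither the object nor the state it points to mentions c10f1. Suggest aligning the two comments with what the test really checks so that scan reports do not claim a branch check that is not performed. Naming nit: the top-level key here is "RPMInfoTests", but the sibling files use "RpmInfoObjects" and "RpmInfoState"; pick one casing (and one of singular or plural) across the three files.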

@ -0,0 +1,294 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241179",
"Version": "oval:org.altlinux.errata:def:20241179",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1179: package `LibreOffice-still` update to version 7.5.9.2-alt1.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1179",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1179",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-02967",
"RefURL": "https://bdu.fstec.ru/vul/2023-02967",
"Source": "BDU"
},
{
"RefID": "BDU:2023-02968",
"RefURL": "https://bdu.fstec.ru/vul/2023-02968",
"Source": "BDU"
},
{
"RefID": "BDU:2023-08655",
"RefURL": "https://bdu.fstec.ru/vul/2023-08655",
"Source": "BDU"
},
{
"RefID": "BDU:2023-08957",
"RefURL": "https://bdu.fstec.ru/vul/2023-08957",
"Source": "BDU"
},
{
"RefID": "CVE-2023-0950",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-0950",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1183",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1183",
"Source": "CVE"
},
{
"RefID": "CVE-2023-2255",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-2255",
"Source": "CVE"
},
{
"RefID": "CVE-2023-6185",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-6185",
"Source": "CVE"
},
{
"RefID": "CVE-2023-6186",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-6186",
"Source": "CVE"
}
],
"Description": "This update upgrades LibreOffice-still to version 7.5.9.2-alt1.p10.1. \nSecurity Fix(es):\n\n * BDU:2023-02967: Уязвимость модуля Spreadsheet пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-02968: Уязвимость компонента Floating Frames пакета офисных программ LibreOffice, позволяющая нарушителю выполнить спуфинговую атаку\n\n * BDU:2023-08655: Уязвимость пакета офисных программ LibreOffice, связанная с возможностью внедрения кода или данных, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-08957: Уязвимость модуля Gstreamer пакета офисных программ LibreOffice, позволяющая нарушителю запускать произвольные плагины Gstreamer\n\n * CVE-2023-0950: Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1.\n\n * CVE-2023-1183: A flaw was found in the Libreoffice package. An attacker can craft an odb containing a \"database/script\" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.\n\n * CVE-2023-2255: Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. 
In the affected versions of LibreOffice documents that used \"floating frames\" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.\n\n * CVE-2023-6185: Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.\n\nIn affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system.\n\n\n\n * CVE-2023-6186: Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.\n\nIn affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.\n\n\n\n\n * #46320: Обновить стабильную версию LibreOffice-still\n\n * #48841: Сломалась сборка Libreoffice-still",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-22"
},
"Updated": {
"Date": "2024-01-22"
},
"bdu": [
{
"Cvss": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"Cvss3": "AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"Cwe": "CWE-129",
"Href": "https://bdu.fstec.ru/vul/2023-02967",
"Impact": "Low",
"Public": "20230524",
"CveID": "BDU:2023-02967"
},
{
"Cvss": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"Cvss3": "AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"Cwe": "CWE-264, CWE-357",
"Href": "https://bdu.fstec.ru/vul/2023-02968",
"Impact": "Low",
"Public": "20230524",
"CveID": "BDU:2023-02968"
},
{
"Cvss": "AV:A/AC:L/Au:S/C:P/I:C/A:C",
"Cvss3": "AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
"Cwe": "CWE-601",
"Href": "https://bdu.fstec.ru/vul/2023-08655",
"Impact": "High",
"Public": "20231211",
"CveID": "BDU:2023-08655"
},
{
"Cvss": "AV:A/AC:L/Au:S/C:P/I:C/A:C",
"Cvss3": "AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H",
"Cwe": "CWE-78",
"Href": "https://bdu.fstec.ru/vul/2023-08957",
"Impact": "High",
"Public": "20231211",
"CveID": "BDU:2023-08957"
}
],
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"Cwe": "CWE-129",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-0950",
"Impact": "High",
"Public": "20230525",
"CveID": "CVE-2023-0950"
},
{
"Cvss3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"Cwe": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1183",
"Impact": "Low",
"Public": "20230710",
"CveID": "CVE-2023-1183"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-2255",
"Impact": "Low",
"Public": "20230525",
"CveID": "CVE-2023-2255"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-6185",
"Impact": "High",
"Public": "20231211",
"CveID": "CVE-2023-6185"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-281",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-6186",
"Impact": "High",
"Public": "20231211",
"CveID": "CVE-2023-6186"
}
],
"Bugzilla": [
{
"Id": "46320",
"Href": "https://bugzilla.altlinux.org/46320",
"Data": "Обновить стабильную версию LibreOffice-still"
},
{
"Id": "48841",
"Href": "https://bugzilla.altlinux.org/48841",
"Data": "Сломалась сборка Libreoffice-still"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241179001",
"Comment": "LibreOffice-still is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179002",
"Comment": "LibreOffice-still-common is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179003",
"Comment": "LibreOffice-still-extensions is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179004",
"Comment": "LibreOffice-still-gtk3 is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179005",
"Comment": "LibreOffice-still-integrated is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179006",
"Comment": "LibreOffice-still-kde5 is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179007",
"Comment": "LibreOffice-still-langpack-be is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179008",
"Comment": "LibreOffice-still-langpack-de is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179009",
"Comment": "LibreOffice-still-langpack-el is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179010",
"Comment": "LibreOffice-still-langpack-es is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179011",
"Comment": "LibreOffice-still-langpack-fr is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179012",
"Comment": "LibreOffice-still-langpack-kk is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179013",
"Comment": "LibreOffice-still-langpack-ky is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179014",
"Comment": "LibreOffice-still-langpack-pt-BR is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179015",
"Comment": "LibreOffice-still-langpack-ru is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179016",
"Comment": "LibreOffice-still-langpack-tt is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179017",
"Comment": "LibreOffice-still-langpack-uk is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179018",
"Comment": "LibreOffice-still-langpack-uz is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179019",
"Comment": "LibreOffice-still-mimetypes is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179020",
"Comment": "LibreOffice-still-qt5 is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179021",
"Comment": "LibreOffice-still-sdk is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179022",
"Comment": "libreofficekit-still is earlier than 0:7.5.9.2-alt1.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241179023",
"Comment": "libreofficekit-still-devel is earlier than 0:7.5.9.2-alt1.p10.1"
}
]
}
]
}
}
]
}
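Review bot: the "Description" string lists the Bugzilla items "#46320" and "#48841" (a version bump request and a broken build) as bullets under "Security Fix(es):", although they are not security fixes and are already carried in the "Bugzilla" array of the Advisory block. Suggest putting them under a separate heading in the generated text, or leaving them out of the description, and collapsing the runs of "\n\n\n\n" that follow the CVE-2023-6185 and CVE-2023-6186 entries. As in the vim definition, "Version" repeats the definition ID instead of a number, and the "bdu" Cvss3 vectors lack the "CVSS:3.1/" prefix used in "Cves".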

@ -0,0 +1,166 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241179001",
"Version": "1",
"comment": "LibreOffice-still is installed",
"Name": "LibreOffice-still"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179002",
"Version": "1",
"comment": "LibreOffice-still-common is installed",
"Name": "LibreOffice-still-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179003",
"Version": "1",
"comment": "LibreOffice-still-extensions is installed",
"Name": "LibreOffice-still-extensions"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179004",
"Version": "1",
"comment": "LibreOffice-still-gtk3 is installed",
"Name": "LibreOffice-still-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179005",
"Version": "1",
"comment": "LibreOffice-still-integrated is installed",
"Name": "LibreOffice-still-integrated"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179006",
"Version": "1",
"comment": "LibreOffice-still-kde5 is installed",
"Name": "LibreOffice-still-kde5"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179007",
"Version": "1",
"comment": "LibreOffice-still-langpack-be is installed",
"Name": "LibreOffice-still-langpack-be"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179008",
"Version": "1",
"comment": "LibreOffice-still-langpack-de is installed",
"Name": "LibreOffice-still-langpack-de"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179009",
"Version": "1",
"comment": "LibreOffice-still-langpack-el is installed",
"Name": "LibreOffice-still-langpack-el"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179010",
"Version": "1",
"comment": "LibreOffice-still-langpack-es is installed",
"Name": "LibreOffice-still-langpack-es"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179011",
"Version": "1",
"comment": "LibreOffice-still-langpack-fr is installed",
"Name": "LibreOffice-still-langpack-fr"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179012",
"Version": "1",
"comment": "LibreOffice-still-langpack-kk is installed",
"Name": "LibreOffice-still-langpack-kk"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179013",
"Version": "1",
"comment": "LibreOffice-still-langpack-ky is installed",
"Name": "LibreOffice-still-langpack-ky"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179014",
"Version": "1",
"comment": "LibreOffice-still-langpack-pt-BR is installed",
"Name": "LibreOffice-still-langpack-pt-BR"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179015",
"Version": "1",
"comment": "LibreOffice-still-langpack-ru is installed",
"Name": "LibreOffice-still-langpack-ru"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179016",
"Version": "1",
"comment": "LibreOffice-still-langpack-tt is installed",
"Name": "LibreOffice-still-langpack-tt"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179017",
"Version": "1",
"comment": "LibreOffice-still-langpack-uk is installed",
"Name": "LibreOffice-still-langpack-uk"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179018",
"Version": "1",
"comment": "LibreOffice-still-langpack-uz is installed",
"Name": "LibreOffice-still-langpack-uz"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179019",
"Version": "1",
"comment": "LibreOffice-still-mimetypes is installed",
"Name": "LibreOffice-still-mimetypes"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179020",
"Version": "1",
"comment": "LibreOffice-still-qt5 is installed",
"Name": "LibreOffice-still-qt5"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179021",
"Version": "1",
"comment": "LibreOffice-still-sdk is installed",
"Name": "LibreOffice-still-sdk"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179022",
"Version": "1",
"comment": "libreofficekit-still is installed",
"Name": "libreofficekit-still"
},
{
"ID": "oval:org.altlinux.errata:obj:20241179023",
"Version": "1",
"comment": "libreofficekit-still-devel is installed",
"Name": "libreofficekit-still-devel"
}
]
}
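Review bot: obj:4001 at the top of this file is an identical copy of the object already added in the vim objects file, with the same ID and the same "Version": "1". With every erratum directory carrying its own copy, any tool that merges these files into one OVAL document has to deduplicate by ID, and a later edit to one copy produces two different objects under the same ID and version. Suggest defining the shared platform object (and the matching tst:4001 and ste:4001) once in a common file and referencing it from each erratum, or documenting that the merge step deduplicates and verifies the copies are equal.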

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241179001",
"Version": "1",
"Comment": "package EVR is earlier than 0:7.5.9.2-alt1.p10.1",
"Arch": {},
"Evr": {
"Text": "0:7.5.9.2-alt1.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
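Review bot: ste:20241179001 is serialised with empty placeholders, "Arch": {} and "Subexpression": {}, alongside the real "Evr" check. Subexpression belongs to the text-file state (the capture group is in obj:4001's pattern), not to an RPM info state, so it looks like the two state types share one struct without omitting unused fields. If a converter turns these empty objects into empty elements, the state gains extra entities that can never match as intended. Suggest omitting empty entities on output so this state contains only "Evr".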

@ -0,0 +1,294 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241179001",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179002",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-common is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179003",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-extensions is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179004",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-gtk3 is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179005",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-integrated is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179006",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-kde5 is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179007",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-be is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179008",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-de is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179009",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-el is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179010",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-es is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179011",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-fr is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179012",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-kk is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179013",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-ky is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179014",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-pt-BR is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179015",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-ru is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179016",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-tt is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179017",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-uk is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179018",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-uz is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179019",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-mimetypes is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179020",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-qt5 is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179021",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-sdk is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179022",
"Version": "1",
"Check": "all",
"Comment": "libreofficekit-still is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241179023",
"Version": "1",
"Check": "all",
"Comment": "libreofficekit-still-devel is earlier than 0:7.5.9.2-alt1.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241179023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241179001"
}
}
]
}
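Review bot: The top-level key here is `"RPMInfoTests"`, while the states file in this commit uses `"RpmInfoState"` and the objects files use `"RpmInfoObjects"`; likewise `"TextFileContent54Tests"` is plural where the states file has `"TextFileContent54State"`. Pick one casing and one number for these keys so that a consumer does not need a per-file mapping.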


@ -0,0 +1,73 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241151",
"Version": "oval:org.altlinux.errata:def:20241151",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1151: package `alterator-net-iptables` update to version 4.19.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1151",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1151",
"Source": "ALTPU"
}
],
"Description": "This update upgrades alterator-net-iptables to version 4.19.11-alt1. \nSecurity Fix(es):\n\n * #37437: Ошибка при добавлении клиента на внутреннем интерфейсе",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-22"
},
"Updated": {
"Date": "2024-01-22"
},
"bdu": null,
"Bugzilla": [
{
"Id": "37437",
"Href": "https://bugzilla.altlinux.org/37437",
"Data": "Ошибка при добавлении клиента на внутреннем интерфейсе"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241151001",
"Comment": "alterator-net-iptables is earlier than 0:4.19.11-alt1"
}
]
}
]
}
}
]
}
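Review bot: In the definition header, `"Version"` repeats the ID string (`oval:org.altlinux.errata:def:20241151`) instead of carrying a revision number; an OVAL definition version is a non-negative integer, and the objects, states and tests in this commit all use `"1"`. Separately, `Description` files bug #37437 under "Security Fix(es)" while `References` has no CVE or BDU entry and `"bdu"` is null; if this is a functional fix, word it that way so the `"Severity": "Low"` patch is not read as closing a vulnerability.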


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241151001",
"Version": "1",
"comment": "alterator-net-iptables is installed",
"Name": "alterator-net-iptables"
}
]
}
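Review bot: `obj:5001` sets `"Path"` to `/etc` and `"Filepath"` to `os-release`; in a textfilecontent54 object `filepath` is the full path and is an alternative to `path` plus `filename`, so either rename the second field to a filename or set `Filepath` to `/etc/os-release` and drop `Path`. Key casing is also inconsistent inside the object: `"dataType"` under `Path` versus `"Datatype"` under `Filepath`, `Pattern` and `Instance`, and lowercase `"comment"` here versus `"Comment"` in the state and test files.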


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241151001",
"Version": "1",
"Comment": "package EVR is earlier than 0:4.19.11-alt1",
"Arch": {},
"Evr": {
"Text": "0:4.19.11-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241151001",
"Version": "1",
"Check": "all",
"Comment": "alterator-net-iptables is earlier than 0:4.19.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241151001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241151001"
}
}
]
}
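Review bot: `tst:5001` is commented as requiring branch 'c10f2', but nothing in the chain it references encodes a branch: the `obj:5001` pattern matches any `cpe:/o:alt:spserver` or `spworkstation` CPE and captures `(\d+)`, and `ste:5001` has an empty `Text` and no subexpression comparison. As written, the platform criterion holds on any host whose os-release carries such a CPE, so the package comparison can fire on a branch this erratum was not built for. Add a state that compares the captured value and whatever distinguishes c10f2, or change the comment to describe what is actually checked.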


@ -0,0 +1,319 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241221",
"Version": "oval:org.altlinux.errata:def:20241221",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1221: package `qt6-base` update to version 6.4.2-alt4",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1221",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1221",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-02373",
"RefURL": "https://bdu.fstec.ru/vul/2023-02373",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03689",
"RefURL": "https://bdu.fstec.ru/vul/2023-03689",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03802",
"RefURL": "https://bdu.fstec.ru/vul/2023-03802",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03803",
"RefURL": "https://bdu.fstec.ru/vul/2023-03803",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03876",
"RefURL": "https://bdu.fstec.ru/vul/2023-03876",
"Source": "BDU"
},
{
"RefID": "CVE-2023-24607",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-24607",
"Source": "CVE"
},
{
"RefID": "CVE-2023-32762",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-32762",
"Source": "CVE"
},
{
"RefID": "CVE-2023-32763",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-32763",
"Source": "CVE"
},
{
"RefID": "CVE-2023-33285",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-33285",
"Source": "CVE"
},
{
"RefID": "CVE-2023-34410",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34410",
"Source": "CVE"
}
],
"Description": "This update upgrades qt6-base to version 6.4.2-alt4. \nSecurity Fix(es):\n\n * BDU:2023-02373: Уязвимость плагина SQL ODBC кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-03689: Уязвимость кроссплатформенного фреймворка для разработки программного обеспечения Qt, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю обойти существующие ограничения безопасности\n\n * BDU:2023-03802: Уязвимость компонента QTextLayout кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-03803: Уязвимость кроссплатформенного фреймворка для разработки программного обеспечения Qt, связанная с передачей защищаемой информации в незашифрованном виде, позволяющая нарушителю оказать воздействие на целостность данных\n\n * BDU:2023-03876: Уязвимость компонента QDnsLookup кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-24607: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.\n\n * CVE-2023-32762: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.\n\n * CVE-2023-32763: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. 
When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.\n\n * CVE-2023-33285: An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.\n\n * CVE-2023-34410: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.\n\n * #46477: qt6-base: ошибка сборки на архитектуре LoongArch",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-22"
},
"Updated": {
"Date": "2024-01-22"
},
"bdu": [
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-20, CWE-404",
"Href": "https://bdu.fstec.ru/vul/2023-02373",
"Impact": "High",
"Public": "20230415",
"CveID": "BDU:2023-02373"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "CWE-295",
"Href": "https://bdu.fstec.ru/vul/2023-03689",
"Impact": "Low",
"Public": "20230604",
"CveID": "BDU:2023-03689"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-120",
"Href": "https://bdu.fstec.ru/vul/2023-03802",
"Impact": "High",
"Public": "20230522",
"CveID": "BDU:2023-03802"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "CWE-319",
"Href": "https://bdu.fstec.ru/vul/2023-03803",
"Impact": "Low",
"Public": "20230508",
"CveID": "BDU:2023-03803"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"Cwe": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2023-03876",
"Impact": "Low",
"Public": "20230512",
"CveID": "BDU:2023-03876"
}
],
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-24607",
"Impact": "High",
"Public": "20230415",
"CveID": "CVE-2023-24607"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-32762",
"Impact": "Low",
"Public": "20230528",
"CveID": "CVE-2023-32762"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-32763",
"Impact": "High",
"Public": "20230528",
"CveID": "CVE-2023-32763"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"Cwe": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-33285",
"Impact": "Low",
"Public": "20230522",
"CveID": "CVE-2023-33285"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "CWE-295",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34410",
"Impact": "Low",
"Public": "20230605",
"CveID": "CVE-2023-34410"
}
],
"Bugzilla": [
{
"Id": "46477",
"Href": "https://bugzilla.altlinux.org/46477",
"Data": "qt6-base: ошибка сборки на архитектуре LoongArch"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241221001",
"Comment": "libqt6-concurrent is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221002",
"Comment": "libqt6-core is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221003",
"Comment": "libqt6-dbus is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221004",
"Comment": "libqt6-eglfsdeviceintegration is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221005",
"Comment": "libqt6-eglfskmsgbmsupport is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221006",
"Comment": "libqt6-eglfskmssupport is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221007",
"Comment": "libqt6-gui is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221008",
"Comment": "libqt6-network is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221009",
"Comment": "libqt6-opengl is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221010",
"Comment": "libqt6-openglwidgets is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221011",
"Comment": "libqt6-printsupport is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221012",
"Comment": "libqt6-sql is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221013",
"Comment": "libqt6-test is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221014",
"Comment": "libqt6-widgets is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221015",
"Comment": "libqt6-xcbqpa is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221016",
"Comment": "libqt6-xml is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221017",
"Comment": "qt6-base-common is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221018",
"Comment": "qt6-base-devel is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221019",
"Comment": "qt6-base-devel-static is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221020",
"Comment": "qt6-base-doc is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221021",
"Comment": "qt6-qtbase is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221022",
"Comment": "qt6-qtbase-gui is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221023",
"Comment": "qt6-sql is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221024",
"Comment": "qt6-sql-interbase is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221025",
"Comment": "qt6-sql-mysql is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221026",
"Comment": "qt6-sql-odbc is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221027",
"Comment": "qt6-sql-postgresql is earlier than 0:6.4.2-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241221028",
"Comment": "rpm-macros-qt6 is earlier than 0:6.4.2-alt4"
}
]
}
]
}
}
]
}
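Review bot: The CVE texts quoted in `Description` give upstream affected ranges of "6.3.x through 6.5.x before 6.5.1" (and "before 6.5.2" for CVE-2023-34410), while the fixed package is `6.4.2-alt4`, which sits inside those ranges by upstream version. If the fixes are backported into the ALT release, say so in the description, since a consumer comparing upstream versions will read this update as still affected. Smaller points: the `bdu` entries store their identifier under `"CveID"`, and `"Public"` uses `20230415` where `Issued` and `Updated` use `2024-01-22`.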


@ -0,0 +1,196 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241221001",
"Version": "1",
"comment": "libqt6-concurrent is installed",
"Name": "libqt6-concurrent"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221002",
"Version": "1",
"comment": "libqt6-core is installed",
"Name": "libqt6-core"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221003",
"Version": "1",
"comment": "libqt6-dbus is installed",
"Name": "libqt6-dbus"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221004",
"Version": "1",
"comment": "libqt6-eglfsdeviceintegration is installed",
"Name": "libqt6-eglfsdeviceintegration"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221005",
"Version": "1",
"comment": "libqt6-eglfskmsgbmsupport is installed",
"Name": "libqt6-eglfskmsgbmsupport"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221006",
"Version": "1",
"comment": "libqt6-eglfskmssupport is installed",
"Name": "libqt6-eglfskmssupport"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221007",
"Version": "1",
"comment": "libqt6-gui is installed",
"Name": "libqt6-gui"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221008",
"Version": "1",
"comment": "libqt6-network is installed",
"Name": "libqt6-network"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221009",
"Version": "1",
"comment": "libqt6-opengl is installed",
"Name": "libqt6-opengl"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221010",
"Version": "1",
"comment": "libqt6-openglwidgets is installed",
"Name": "libqt6-openglwidgets"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221011",
"Version": "1",
"comment": "libqt6-printsupport is installed",
"Name": "libqt6-printsupport"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221012",
"Version": "1",
"comment": "libqt6-sql is installed",
"Name": "libqt6-sql"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221013",
"Version": "1",
"comment": "libqt6-test is installed",
"Name": "libqt6-test"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221014",
"Version": "1",
"comment": "libqt6-widgets is installed",
"Name": "libqt6-widgets"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221015",
"Version": "1",
"comment": "libqt6-xcbqpa is installed",
"Name": "libqt6-xcbqpa"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221016",
"Version": "1",
"comment": "libqt6-xml is installed",
"Name": "libqt6-xml"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221017",
"Version": "1",
"comment": "qt6-base-common is installed",
"Name": "qt6-base-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221018",
"Version": "1",
"comment": "qt6-base-devel is installed",
"Name": "qt6-base-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221019",
"Version": "1",
"comment": "qt6-base-devel-static is installed",
"Name": "qt6-base-devel-static"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221020",
"Version": "1",
"comment": "qt6-base-doc is installed",
"Name": "qt6-base-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221021",
"Version": "1",
"comment": "qt6-qtbase is installed",
"Name": "qt6-qtbase"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221022",
"Version": "1",
"comment": "qt6-qtbase-gui is installed",
"Name": "qt6-qtbase-gui"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221023",
"Version": "1",
"comment": "qt6-sql is installed",
"Name": "qt6-sql"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221024",
"Version": "1",
"comment": "qt6-sql-interbase is installed",
"Name": "qt6-sql-interbase"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221025",
"Version": "1",
"comment": "qt6-sql-mysql is installed",
"Name": "qt6-sql-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221026",
"Version": "1",
"comment": "qt6-sql-odbc is installed",
"Name": "qt6-sql-odbc"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221027",
"Version": "1",
"comment": "qt6-sql-postgresql is installed",
"Name": "qt6-sql-postgresql"
},
{
"ID": "oval:org.altlinux.errata:obj:20241221028",
"Version": "1",
"comment": "rpm-macros-qt6 is installed",
"Name": "rpm-macros-qt6"
}
]
}
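Review bot: The `obj:5001` block at the top of this file is an exact repeat of the one in the alterator-net-iptables objects file earlier in this commit, and `ste:5001` and `tst:5001` are repeated per erratum in the same way. Define the shared platform object, state and test once, or generate them from a single template if each erratum must stay self-contained, so that a later correction to the pattern cannot land in one copy and not the others.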


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241221001",
"Version": "1",
"Comment": "package EVR is earlier than 0:6.4.2-alt4",
"Arch": {},
"Evr": {
"Text": "0:6.4.2-alt4",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,354 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241221001",
"Version": "1",
"Check": "all",
"Comment": "libqt6-concurrent is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221002",
"Version": "1",
"Check": "all",
"Comment": "libqt6-core is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221003",
"Version": "1",
"Check": "all",
"Comment": "libqt6-dbus is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221004",
"Version": "1",
"Check": "all",
"Comment": "libqt6-eglfsdeviceintegration is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221005",
"Version": "1",
"Check": "all",
"Comment": "libqt6-eglfskmsgbmsupport is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221006",
"Version": "1",
"Check": "all",
"Comment": "libqt6-eglfskmssupport is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221007",
"Version": "1",
"Check": "all",
"Comment": "libqt6-gui is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221008",
"Version": "1",
"Check": "all",
"Comment": "libqt6-network is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221009",
"Version": "1",
"Check": "all",
"Comment": "libqt6-opengl is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221010",
"Version": "1",
"Check": "all",
"Comment": "libqt6-openglwidgets is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221011",
"Version": "1",
"Check": "all",
"Comment": "libqt6-printsupport is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221012",
"Version": "1",
"Check": "all",
"Comment": "libqt6-sql is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221013",
"Version": "1",
"Check": "all",
"Comment": "libqt6-test is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221014",
"Version": "1",
"Check": "all",
"Comment": "libqt6-widgets is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221015",
"Version": "1",
"Check": "all",
"Comment": "libqt6-xcbqpa is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221016",
"Version": "1",
"Check": "all",
"Comment": "libqt6-xml is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221017",
"Version": "1",
"Check": "all",
"Comment": "qt6-base-common is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221018",
"Version": "1",
"Check": "all",
"Comment": "qt6-base-devel is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221019",
"Version": "1",
"Check": "all",
"Comment": "qt6-base-devel-static is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221020",
"Version": "1",
"Check": "all",
"Comment": "qt6-base-doc is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221021",
"Version": "1",
"Check": "all",
"Comment": "qt6-qtbase is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221022",
"Version": "1",
"Check": "all",
"Comment": "qt6-qtbase-gui is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221023",
"Version": "1",
"Check": "all",
"Comment": "qt6-sql is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221024",
"Version": "1",
"Check": "all",
"Comment": "qt6-sql-interbase is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221025",
"Version": "1",
"Check": "all",
"Comment": "qt6-sql-mysql is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221026",
"Version": "1",
"Check": "all",
"Comment": "qt6-sql-odbc is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221026"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221027",
"Version": "1",
"Check": "all",
"Comment": "qt6-sql-postgresql is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221027"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241221028",
"Version": "1",
"Check": "all",
"Comment": "rpm-macros-qt6 is earlier than 0:6.4.2-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241221028"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241221001"
}
}
]
}

@ -0,0 +1,145 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241227",
"Version": "oval:org.altlinux.errata:def:20241227",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1227: package `freeswitch` update to version 1.10.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1227",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1227",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-51443",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-51443",
"Source": "CVE"
}
],
"Description": "This update upgrades freeswitch to version 1.10.11-alt1. \nSecurity Fix(es):\n\n * CVE-2023-51443: FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. If an attacker manages to send a ClientHello DTLS message with an invalid CipherSuite (such as `TLS_NULL_WITH_NULL_NULL`) to the port on the FreeSWITCH server that is expecting packets from the caller, a DTLS error is generated. This results in the media session being torn down, which is followed by teardown at signaling (SIP) level too. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable FreeSWITCH servers for calls that rely on DTLS-SRTP. To address this vulnerability, upgrade FreeSWITCH to 1.10.11 which includes the security fix. The solution implemented is to drop all packets from addresses that have not been validated by an ICE check.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-23"
},
"Updated": {
"Date": "2024-01-23"
},
"bdu": null,
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-703",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-51443",
"Impact": "High",
"Public": "20231227",
"CveID": "CVE-2023-51443"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241227001",
"Comment": "freeswitch-av is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227002",
"Comment": "freeswitch-daemon is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227003",
"Comment": "freeswitch-imagick is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227004",
"Comment": "freeswitch-java is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227005",
"Comment": "freeswitch-lang-de is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227006",
"Comment": "freeswitch-lang-en is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227007",
"Comment": "freeswitch-lang-es is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227008",
"Comment": "freeswitch-lang-fr is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227009",
"Comment": "freeswitch-lang-he is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227010",
"Comment": "freeswitch-lang-pt is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227011",
"Comment": "freeswitch-lang-ru is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227012",
"Comment": "freeswitch-lua is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227013",
"Comment": "freeswitch-perl is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227014",
"Comment": "freeswitch-vlc is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227015",
"Comment": "freeswitch-webui is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227016",
"Comment": "libfreeswitch is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241227017",
"Comment": "libfreeswitch-devel is earlier than 1:1.10.11-alt1"
}
]
}
]
}
}
]
}
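
Review bot: In the `def:20241227` entry, `"Version"` repeats the definition ID (`oval:org.altlinux.errata:def:20241227`) instead of carrying a version number, whereas the tests, objects and states added in this commit all use `"Version": "1"`. An OVAL definition version is a non-negative integer, so this should be `"1"` as well unless the serializer rewrites it. In the same entry, `AffectedList` for branch c10f2 has no `Products` array even though `AffectedCpeList` names `spworkstation` and `spserver`; the p10 definition in this commit does list its products.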

@ -0,0 +1,130 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241227001",
"Version": "1",
"comment": "freeswitch-av is installed",
"Name": "freeswitch-av"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227002",
"Version": "1",
"comment": "freeswitch-daemon is installed",
"Name": "freeswitch-daemon"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227003",
"Version": "1",
"comment": "freeswitch-imagick is installed",
"Name": "freeswitch-imagick"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227004",
"Version": "1",
"comment": "freeswitch-java is installed",
"Name": "freeswitch-java"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227005",
"Version": "1",
"comment": "freeswitch-lang-de is installed",
"Name": "freeswitch-lang-de"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227006",
"Version": "1",
"comment": "freeswitch-lang-en is installed",
"Name": "freeswitch-lang-en"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227007",
"Version": "1",
"comment": "freeswitch-lang-es is installed",
"Name": "freeswitch-lang-es"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227008",
"Version": "1",
"comment": "freeswitch-lang-fr is installed",
"Name": "freeswitch-lang-fr"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227009",
"Version": "1",
"comment": "freeswitch-lang-he is installed",
"Name": "freeswitch-lang-he"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227010",
"Version": "1",
"comment": "freeswitch-lang-pt is installed",
"Name": "freeswitch-lang-pt"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227011",
"Version": "1",
"comment": "freeswitch-lang-ru is installed",
"Name": "freeswitch-lang-ru"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227012",
"Version": "1",
"comment": "freeswitch-lua is installed",
"Name": "freeswitch-lua"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227013",
"Version": "1",
"comment": "freeswitch-perl is installed",
"Name": "freeswitch-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227014",
"Version": "1",
"comment": "freeswitch-vlc is installed",
"Name": "freeswitch-vlc"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227015",
"Version": "1",
"comment": "freeswitch-webui is installed",
"Name": "freeswitch-webui"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227016",
"Version": "1",
"comment": "libfreeswitch is installed",
"Name": "libfreeswitch"
},
{
"ID": "oval:org.altlinux.errata:obj:20241227017",
"Version": "1",
"comment": "libfreeswitch-devel is installed",
"Name": "libfreeswitch-devel"
}
]
}
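
Review bot: `obj:5001` splits the target file as `"Path": "/etc"` plus `"Filepath": "os-release"`, but in a textfilecontent54 object `filepath` is the complete path and the companion of `path` is `filename`. Either rename the second key to `Filename` or drop `Path` and set `Filepath` to `/etc/os-release`, which is what the object's comment says it evaluates. The datatype key is also spelled `dataType` under `Path` and `Datatype` under the other three entities; pick one spelling so a case-sensitive consumer does not miss it.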

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241227001",
"Version": "1",
"Comment": "package EVR is earlier than 1:1.10.11-alt1",
"Arch": {},
"Evr": {
"Text": "1:1.10.11-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
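
Review bot: `ste:5001` contains only an empty `"Text": {}`, so the state places no constraint on what `obj:5001` collects. The object pattern captures the release number in `(\d+)`, yet nothing here compares that capture with the number expected for the branch, so as written `tst:5001` is satisfied by any `spserver` or `spworkstation` CPE string in `/etc/os-release`, not only a c10f2 one. Add a comparison on the captured subexpression, or, if existence of the match is all that is intended, drop the state reference and reword the test comment accordingly.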

@ -0,0 +1,222 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241227001",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-av is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227002",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-daemon is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227003",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-imagick is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227004",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-java is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227005",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-de is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227006",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-en is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227007",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-es is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227008",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-fr is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227009",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-he is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227010",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-pt is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227011",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-ru is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227012",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lua is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227013",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-perl is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227014",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-vlc is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227015",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-webui is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227016",
"Version": "1",
"Check": "all",
"Comment": "libfreeswitch is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241227017",
"Version": "1",
"Check": "all",
"Comment": "libfreeswitch-devel is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241227017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241227001"
}
}
]
}
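
Review bot: The top-level key here is `RPMInfoTests`, while the sibling files in this commit use `RpmInfoObjects` and `RpmInfoState`; likewise `TextFileContent54Tests` and `TextFileContent54Objects` are plural but `TextFileContent54State` and `RpmInfoState` are singular although both hold arrays. Unless a fixed schema dictates these names, settle on one casing and one number so consumers need no per-file special cases. Separately, the `tst:5001` comment says "based on branch 'c10f2'", while the definition's criterion for the same test says only "ALT Linux must be installed"; the two comments should agree.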

@ -0,0 +1,107 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241262",
"Version": "oval:org.altlinux.errata:def:20241262",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1262: package `traefik` update to version 2.10.7-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1262",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1262",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-47106",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-47106",
"Source": "CVE"
},
{
"RefID": "CVE-2023-47124",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-47124",
"Source": "CVE"
},
{
"RefID": "CVE-2023-47633",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-47633",
"Source": "CVE"
}
],
"Description": "This update upgrades traefik to version 2.10.7-alt1. \nSecurity Fix(es):\n\n * CVE-2023-47106: Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2023-47124: Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let's Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patch in version 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`.\n\n * CVE-2023-47633: Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-23"
},
"Updated": {
"Date": "2024-01-23"
},
"bdu": null,
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"Cwe": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-47106",
"Impact": "Low",
"Public": "20231204",
"CveID": "CVE-2023-47106"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-772",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-47124",
"Impact": "Low",
"Public": "20231204",
"CveID": "CVE-2023-47124"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-47633",
"Impact": "High",
"Public": "20231204",
"CveID": "CVE-2023-47633"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241262001",
"Comment": "traefik is earlier than 0:2.10.7-alt1"
}
]
}
]
}
}
]
}
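
Review bot: In `Cves`, CVE-2023-47124 is labelled `"Impact": "Low"` although its vector ends in `A:H`, and CVE-2023-47106 is `"Low"` with `C:L/I:L` at `AC:L`; both vectors score in the medium range under CVSS 3.1, and only the CVE-2023-47633 entry matches its label. If `Impact` is meant to follow the `Cvss3` vector, the mapping needs checking; if it comes from a different source, record which one so consumers do not read it as the CVSS 3.1 rating. Minor: `"Rights"` says 2023 on an advisory issued 2024-01-23.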

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241262001",
"Version": "1",
"comment": "traefik is installed",
"Name": "traefik"
}
]
}
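
Review bot: `obj:5001` is defined here again, identical to the copy in the freeswitch objects file for the same branch, and `tst:5001` and `ste:5001` are repeated the same way in the tests and states files. Keep the branch-level object, state and test in one shared file per branch and reference them from each erratum, or make sure whatever merges the per-erratum files de-duplicates by ID; otherwise a later edit to one copy gives the same ID two meanings.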

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241262001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.10.7-alt1",
"Arch": {},
"Evr": {
"Text": "0:2.10.7-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
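
Review bot: `ste:20241262001` carries `"Arch": {}` and `"Subexpression": {}` beside the populated `Evr`. Empty entity objects are ambiguous for a consumer (absent, or present with no value and no operation), and `Subexpression` is a textfilecontent54 state entity rather than an rpminfo one, so it looks misplaced under `RpmInfoState`. Omit the entities this state does not test so that `Evr` less than `0:2.10.7-alt1` is visibly the only condition.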

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241262001",
"Version": "1",
"Check": "all",
"Comment": "traefik is earlier than 0:2.10.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241262001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241262001"
}
}
]
}

@ -0,0 +1,173 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241184",
"Version": "oval:org.altlinux.errata:def:20241184",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1184: package `freeswitch` update to version 1.10.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1184",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1184",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-51443",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-51443",
"Source": "CVE"
}
],
"Description": "This update upgrades freeswitch to version 1.10.11-alt1. \nSecurity Fix(es):\n\n * CVE-2023-51443: FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. If an attacker manages to send a ClientHello DTLS message with an invalid CipherSuite (such as `TLS_NULL_WITH_NULL_NULL`) to the port on the FreeSWITCH server that is expecting packets from the caller, a DTLS error is generated. This results in the media session being torn down, which is followed by teardown at signaling (SIP) level too. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable FreeSWITCH servers for calls that rely on DTLS-SRTP. To address this vulnerability, upgrade FreeSWITCH to 1.10.11 which includes the security fix. The solution implemented is to drop all packets from addresses that have not been validated by an ICE check.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-22"
},
"Updated": {
"Date": "2024-01-22"
},
"bdu": null,
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-703",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-51443",
"Impact": "High",
"Public": "20231227",
"CveID": "CVE-2023-51443"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241184001",
"Comment": "freeswitch-av is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184002",
"Comment": "freeswitch-daemon is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184003",
"Comment": "freeswitch-imagick is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184004",
"Comment": "freeswitch-java is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184005",
"Comment": "freeswitch-lang-de is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184006",
"Comment": "freeswitch-lang-en is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184007",
"Comment": "freeswitch-lang-es is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184008",
"Comment": "freeswitch-lang-fr is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184009",
"Comment": "freeswitch-lang-he is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184010",
"Comment": "freeswitch-lang-pt is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184011",
"Comment": "freeswitch-lang-ru is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184012",
"Comment": "freeswitch-lua is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184013",
"Comment": "freeswitch-perl is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184014",
"Comment": "freeswitch-vlc is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184015",
"Comment": "freeswitch-webui is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184016",
"Comment": "libfreeswitch is earlier than 1:1.10.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241184017",
"Comment": "libfreeswitch-devel is earlier than 1:1.10.11-alt1"
}
]
}
]
}
}
]
}
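
Review bot: `AffectedCpeList` spells the first starterkit entry `cpe:/o:alt:starterkit:p10` but the later ones `starterkit:10.1` and `starterkit:10.2`, and the list enumerates 10, 10.1 and 10.2 by hand for every product. If the `p10` form is what Starterkit really reports, note that next to the entry; if not, normalise it. A hand-maintained list also falls behind the next point release, whereas the `obj:2001` pattern behind this definition's `tst:2001` criterion accepts any minor, so a consumer filtering on the CPE list and one evaluating the criteria can disagree about applicability.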

@ -0,0 +1,130 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241184001",
"Version": "1",
"comment": "freeswitch-av is installed",
"Name": "freeswitch-av"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184002",
"Version": "1",
"comment": "freeswitch-daemon is installed",
"Name": "freeswitch-daemon"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184003",
"Version": "1",
"comment": "freeswitch-imagick is installed",
"Name": "freeswitch-imagick"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184004",
"Version": "1",
"comment": "freeswitch-java is installed",
"Name": "freeswitch-java"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184005",
"Version": "1",
"comment": "freeswitch-lang-de is installed",
"Name": "freeswitch-lang-de"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184006",
"Version": "1",
"comment": "freeswitch-lang-en is installed",
"Name": "freeswitch-lang-en"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184007",
"Version": "1",
"comment": "freeswitch-lang-es is installed",
"Name": "freeswitch-lang-es"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184008",
"Version": "1",
"comment": "freeswitch-lang-fr is installed",
"Name": "freeswitch-lang-fr"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184009",
"Version": "1",
"comment": "freeswitch-lang-he is installed",
"Name": "freeswitch-lang-he"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184010",
"Version": "1",
"comment": "freeswitch-lang-pt is installed",
"Name": "freeswitch-lang-pt"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184011",
"Version": "1",
"comment": "freeswitch-lang-ru is installed",
"Name": "freeswitch-lang-ru"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184012",
"Version": "1",
"comment": "freeswitch-lua is installed",
"Name": "freeswitch-lua"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184013",
"Version": "1",
"comment": "freeswitch-perl is installed",
"Name": "freeswitch-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184014",
"Version": "1",
"comment": "freeswitch-vlc is installed",
"Name": "freeswitch-vlc"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184015",
"Version": "1",
"comment": "freeswitch-webui is installed",
"Name": "freeswitch-webui"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184016",
"Version": "1",
"comment": "libfreeswitch is installed",
"Name": "libfreeswitch"
},
{
"ID": "oval:org.altlinux.errata:obj:20241184017",
"Version": "1",
"comment": "libfreeswitch-devel is installed",
"Name": "libfreeswitch-devel"
}
]
}
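
Review bot: The `obj:2001` pattern uses `(?!sp)` to keep the SP products out, which rejects every product name beginning with "sp", not only `spserver` and `spworkstation`; `(?!sp(?:server|workstation):)` would mirror the pattern used for the SP branches. The tail `(?:\.\d)*` accepts only single-digit minor components, so a two-digit minor is matched only up to its first digit, and the pattern is unanchored on both sides. Since only the first capture is used that may be acceptable, but say so in the object comment.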

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241184001",
"Version": "1",
"Comment": "package EVR is earlier than 1:1.10.11-alt1",
"Arch": {},
"Evr": {
"Text": "1:1.10.11-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

@ -0,0 +1,222 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241184001",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-av is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184002",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-daemon is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184003",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-imagick is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184004",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-java is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184005",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-de is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184006",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-en is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184007",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-es is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184008",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-fr is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184009",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-he is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184010",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-pt is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184011",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lang-ru is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184012",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-lua is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184013",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-perl is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184014",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-vlc is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184015",
"Version": "1",
"Check": "all",
"Comment": "freeswitch-webui is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184016",
"Version": "1",
"Check": "all",
"Comment": "libfreeswitch is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241184017",
"Version": "1",
"Check": "all",
"Comment": "libfreeswitch-devel is earlier than 1:1.10.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241184017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241184001"
}
}
]
}

View File

@ -0,0 +1,187 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241181",
"Version": "oval:org.altlinux.errata:def:20241181",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1181: package `xorg-server` update to version 1.20.8-alt12",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1181",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1181",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-00405",
"RefURL": "https://bdu.fstec.ru/vul/2024-00405",
"Source": "BDU"
},
{
"RefID": "CVE-2023-6816",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-6816",
"Source": "CVE"
},
{
"RefID": "CVE-2024-0229",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0229",
"Source": "CVE"
},
{
"RefID": "CVE-2024-0408",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0408",
"Source": "CVE"
},
{
"RefID": "CVE-2024-0409",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0409",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21885",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21885",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21886",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21886",
"Source": "CVE"
}
],
"Description": "This update upgrades xorg-server to version 1.20.8-alt12. \nSecurity Fix(es):\n\n * BDU:2024-00405: Уязвимость функций DeviceFocusEvent и XIQueryPointer реализации сервера X Window System X.Org Server, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2023-6816: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.\n\n * CVE-2024-0229: description unavailable\n\n * CVE-2024-0408: A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.\n\n * CVE-2024-0409: A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.\n\n * CVE-2024-21885: description unavailable\n\n * CVE-2024-21886: description unavailable",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2023 BaseALT Ltd.",
"Issued": {
"Date": "2024-01-23"
},
"Updated": {
"Date": "2024-01-23"
},
"bdu": [
{
"Cvss": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"Cvss3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2024-00405",
"Impact": "High",
"Public": "20240116",
"CveID": "BDU:2024-00405"
}
],
"Cves": [
{
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-6816",
"Impact": "None",
"Public": "20240118",
"CveID": "CVE-2023-6816"
},
{
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0408",
"Impact": "None",
"Public": "20240118",
"CveID": "CVE-2024-0408"
},
{
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0409",
"Impact": "None",
"Public": "20240118",
"CveID": "CVE-2024-0409"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241181001",
"Comment": "xorg-sdk is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181002",
"Comment": "xorg-server is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181003",
"Comment": "xorg-server-common is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181004",
"Comment": "xorg-xdmx is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181005",
"Comment": "xorg-xephyr is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181006",
"Comment": "xorg-xnest is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181007",
"Comment": "xorg-xvfb is earlier than 2:1.20.8-alt12"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241181008",
"Comment": "xorg-xwayland is earlier than 2:1.20.8-alt12"
}
]
}
]
}
}
]
}
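
Review bot: The "Cves" array under "Advisory" is out of step with "References": References lists six CVE entries, but "Cves" carries only CVE-2023-6816, CVE-2024-0408 and CVE-2024-0409. The three that are missing (CVE-2024-0229, CVE-2024-21885, CVE-2024-21886) are the same ones that appear in "Description" as "description unavailable". A consumer that builds its CVE coverage from "Advisory.Cves" will not see them, so either emit an entry for every referenced CVE even when upstream data is not yet available, or document that the array is a subset. The entries that are present have "Impact": "None" and no CVSS vector or CWE, while the advisory "Severity" is "High" and the "bdu" entry has a full vector; a placeholder such as an empty or absent field would be less misleading than "None". Minor: "Rights" says "Copyright 2023" on an advisory issued 2024-01-23.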

View File

@ -0,0 +1,76 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:1001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241181001",
"Version": "1",
"comment": "xorg-sdk is installed",
"Name": "xorg-sdk"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181002",
"Version": "1",
"comment": "xorg-server is installed",
"Name": "xorg-server"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181003",
"Version": "1",
"comment": "xorg-server-common is installed",
"Name": "xorg-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181004",
"Version": "1",
"comment": "xorg-xdmx is installed",
"Name": "xorg-xdmx"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181005",
"Version": "1",
"comment": "xorg-xephyr is installed",
"Name": "xorg-xephyr"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181006",
"Version": "1",
"comment": "xorg-xnest is installed",
"Name": "xorg-xnest"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181007",
"Version": "1",
"comment": "xorg-xvfb is installed",
"Name": "xorg-xvfb"
},
{
"ID": "oval:org.altlinux.errata:obj:20241181008",
"Version": "1",
"comment": "xorg-xwayland is installed",
"Name": "xorg-xwayland"
}
]
}
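
Review bot: In obj:1001 the file location is split as "Path": "/etc" plus "Filepath": "os-release", which does not match how OVAL's textfilecontent54 object names these parts: filepath is the complete path, and the split form is path plus filename. If these JSON keys are serialized to the OVAL elements of the same name, the object would carry a relative filepath next to a path element. Please either use a single "Filepath" of "/etc/os-release" or rename the second key to the filename field. In the same object the key casing is inconsistent: "dataType" under "Path" against "Datatype" under "Filepath", "Pattern" and "Instance", and lowercase "comment" here against "Comment" in the tests and states files. A case-sensitive reader would drop the odd ones silently, so it is worth normalizing them in the generator.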

View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:1001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241181001",
"Version": "1",
"Comment": "package EVR is earlier than 2:1.20.8-alt12",
"Arch": {},
"Evr": {
"Text": "2:1.20.8-alt12",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
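
Review bot: ste:1001 has an empty "Text": {} and no subexpression, so nothing is compared against the branch number that obj:1001's pattern captures with (\d+). As written, the OS test is satisfied by any os-release line the pattern matches, whatever the branch number, which is weaker than the 'p9' requirement stated in the test comment. Suggest giving the text-file state a subexpression check for the expected branch number, or removing the capture group and the state if only a presence check is intended. Related: the empty "Subexpression": {} sits in "RpmInfoState", where it has no meaning next to "Evr"; in OVAL, subexpression is an entity of the text-file-content state, so this looks like the field ended up on the wrong state type. The empty "Arch": {} could be omitted as well.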

View File

@ -0,0 +1,114 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:1001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p9' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:1001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:1001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241181001",
"Version": "1",
"Check": "all",
"Comment": "xorg-sdk is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181002",
"Version": "1",
"Check": "all",
"Comment": "xorg-server is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181003",
"Version": "1",
"Check": "all",
"Comment": "xorg-server-common is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181004",
"Version": "1",
"Check": "all",
"Comment": "xorg-xdmx is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181005",
"Version": "1",
"Check": "all",
"Comment": "xorg-xephyr is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181006",
"Version": "1",
"Check": "all",
"Comment": "xorg-xnest is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181007",
"Version": "1",
"Check": "all",
"Comment": "xorg-xvfb is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241181008",
"Version": "1",
"Check": "all",
"Comment": "xorg-xwayland is earlier than 2:1.20.8-alt12",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241181008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241181001"
}
}
]
}
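
Review bot: tst:1001 is described here as "ALT Linux based on branch 'p9' must be installed", but the definition in this commit that references the same TestRef comments it as "ALT Linux must be installed", and the ID itself is not derived from the erratum number the way tst:20241181001 through tst:20241181008 are. If files for other branches define oval:org.altlinux.errata:tst:1001 with a different branch in the comment or a different object, merging them into one OVAL document will produce conflicting definitions under one ID. Suggest either making the ID branch-specific or keeping the test branch-neutral and aligning the two comments.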