ALT Vulnerability

Иван Пепеляев 2024-12-04 03:04:40 +00:00
parent 56e3ef176b
commit 0a38e5f819
8 changed files with 1234 additions and 0 deletions


@ -0,0 +1,147 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416343",
"Version": "oval:org.altlinux.errata:def:202416343",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16343: package `guacamole-server` update to version 1.5.5-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16343",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16343",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-30575",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-30575",
"Source": "CVE"
},
{
"RefID": "CVE-2023-30576",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-30576",
"Source": "CVE"
},
{
"RefID": "CVE-2023-43826",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-43826",
"Source": "CVE"
}
],
"Description": "This update upgrades guacamole-server to version 1.5.5-alt1. \nSecurity Fix(es):\n\n * CVE-2023-30575: Apache Guacamole 1.5.1 and older may incorrectly calculate the lengths of instruction elements sent during the Guacamole protocol handshake, potentially allowing an attacker to inject Guacamole instructions during the handshake through specially-crafted data.\n\n\n\n * CVE-2023-30576: Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process.\n\n\n\n * CVE-2023-43826: Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process.\n\nUsers are recommended to upgrade to version 1.5.4, which fixes this issue.\n\n\n\n * #47735: Не работает SSH подключение без Monospace шрифтов (Unable to load font “monospace”)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-03"
},
"Updated": {
"Date": "2024-12-03"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-30575",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-30575",
"Impact": "High",
"Public": "20230607"
},
{
"ID": "CVE-2023-30576",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-30576",
"Impact": "High",
"Public": "20230607"
},
{
"ID": "CVE-2023-43826",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-43826",
"Impact": "High",
"Public": "20231219"
}
],
"Bugzilla": [
{
"ID": "47735",
"Href": "https://bugzilla.altlinux.org/47735",
"Data": "Не работает SSH подключение без Monospace шрифтов (Unable to load font “monospace”)"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416343001",
"Comment": "guacamole-server is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343002",
"Comment": "guacd is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343003",
"Comment": "libguac is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343004",
"Comment": "libguac-client-kubernetes is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343005",
"Comment": "libguac-client-rdp is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343006",
"Comment": "libguac-client-ssh is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343007",
"Comment": "libguac-client-telnet is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343008",
"Comment": "libguac-client-vnc is earlier than 0:1.5.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416343009",
"Comment": "libguac-devel is earlier than 0:1.5.5-alt1"
}
]
}
]
}
}
]
}
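Review bot: The `Description` string closes the CVE-2023-43826 entry with "Users are recommended to upgrade to version 1.5.4, which fixes this issue.", while the title and every criterion in this definition use 1.5.5-alt1 as the fixed version. Someone reading the description in scanner output could take 1.5.4 as the remediation target. I would either drop that upstream sentence or mark it as quoted advisory text, and end the description with the packaged fix, e.g. `Fixed in guacamole-server 0:1.5.5-alt1.`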


@ -0,0 +1,82 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416343001",
"Version": "1",
"Comment": "guacamole-server is installed",
"Name": "guacamole-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343002",
"Version": "1",
"Comment": "guacd is installed",
"Name": "guacd"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343003",
"Version": "1",
"Comment": "libguac is installed",
"Name": "libguac"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343004",
"Version": "1",
"Comment": "libguac-client-kubernetes is installed",
"Name": "libguac-client-kubernetes"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343005",
"Version": "1",
"Comment": "libguac-client-rdp is installed",
"Name": "libguac-client-rdp"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343006",
"Version": "1",
"Comment": "libguac-client-ssh is installed",
"Name": "libguac-client-ssh"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343007",
"Version": "1",
"Comment": "libguac-client-telnet is installed",
"Name": "libguac-client-telnet"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343008",
"Version": "1",
"Comment": "libguac-client-vnc is installed",
"Name": "libguac-client-vnc"
},
{
"ID": "oval:org.altlinux.errata:obj:202416343009",
"Version": "1",
"Comment": "libguac-devel is installed",
"Name": "libguac-devel"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416343001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.5.5-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.5.5-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
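Review bot: `ste:4001` carries only `"Text": {}`, so nothing compares the `(\d+)` group captured by the `obj:4001` pattern with a release number, although test `tst:4001` is described as "ALT Linux based on branch 'c10f1' must be installed". As far as these files show, any ALT SP Server or Workstation release whose `/etc/os-release` contains a matching CPE string would satisfy the platform criterion, and how an evaluator treats the empty `Text` entity is not clear from here. If the state schema allows it, I would pin the capture, for example `"Subexpression": {"Datatype": "int", "Operation": "equals", "Text": "10"}`, with 10 taken from the `AffectedCPEs` entries. The same applies to `ste:2001` and the 'p10' test `tst:2001` in the later files.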


@ -0,0 +1,126 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416343001",
"Version": "1",
"Check": "all",
"Comment": "guacamole-server is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343002",
"Version": "1",
"Check": "all",
"Comment": "guacd is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343003",
"Version": "1",
"Check": "all",
"Comment": "libguac is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343004",
"Version": "1",
"Check": "all",
"Comment": "libguac-client-kubernetes is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343005",
"Version": "1",
"Check": "all",
"Comment": "libguac-client-rdp is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343006",
"Version": "1",
"Check": "all",
"Comment": "libguac-client-ssh is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343007",
"Version": "1",
"Check": "all",
"Comment": "libguac-client-telnet is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343008",
"Version": "1",
"Check": "all",
"Comment": "libguac-client-vnc is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416343009",
"Version": "1",
"Check": "all",
"Comment": "libguac-devel is earlier than 0:1.5.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416343009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416343001"
}
}
]
}

File diff suppressed because one or more lines are too long


@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416417001",
"Version": "1",
"Comment": "moodle is installed",
"Name": "moodle"
},
{
"ID": "oval:org.altlinux.errata:obj:202416417002",
"Version": "1",
"Comment": "moodle-apache2 is installed",
"Name": "moodle-apache2"
},
{
"ID": "oval:org.altlinux.errata:obj:202416417003",
"Version": "1",
"Comment": "moodle-base is installed",
"Name": "moodle-base"
},
{
"ID": "oval:org.altlinux.errata:obj:202416417004",
"Version": "1",
"Comment": "moodle-local-mysql is installed",
"Name": "moodle-local-mysql"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416417001",
"Version": "1",
"Comment": "package EVR is earlier than 0:4.5.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:4.5.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416417001",
"Version": "1",
"Check": "all",
"Comment": "moodle is earlier than 0:4.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416417001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416417001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416417002",
"Version": "1",
"Check": "all",
"Comment": "moodle-apache2 is earlier than 0:4.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416417002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416417001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416417003",
"Version": "1",
"Check": "all",
"Comment": "moodle-base is earlier than 0:4.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416417003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416417001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416417004",
"Version": "1",
"Check": "all",
"Comment": "moodle-local-mysql is earlier than 0:4.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416417004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416417001"
}
}
]
}