From 1ce8ae3187eda82b34966b960c0a1621b022128b Mon Sep 17 00:00:00 2001 From: pepelyaevip Date: Tue, 7 May 2024 21:02:32 +0000 Subject: [PATCH] ALT Vulnerability --- oval/c9f2/ALT-PU-2024-7394/definitions.json | 89 +++++++++++++++++++++ oval/c9f2/ALT-PU-2024-7394/objects.json | 52 ++++++++++++ oval/c9f2/ALT-PU-2024-7394/states.json | 23 ++++++ oval/c9f2/ALT-PU-2024-7394/tests.json | 66 +++++++++++++++ 4 files changed, 230 insertions(+) create mode 100644 oval/c9f2/ALT-PU-2024-7394/definitions.json create mode 100644 oval/c9f2/ALT-PU-2024-7394/objects.json create mode 100644 oval/c9f2/ALT-PU-2024-7394/states.json create mode 100644 oval/c9f2/ALT-PU-2024-7394/tests.json diff --git a/oval/c9f2/ALT-PU-2024-7394/definitions.json b/oval/c9f2/ALT-PU-2024-7394/definitions.json new file mode 100644 index 0000000000..d720cbf191 --- /dev/null +++ b/oval/c9f2/ALT-PU-2024-7394/definitions.json @@ -0,0 +1,89 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:20247394", + "Version": "oval:org.altlinux.errata:def:20247394", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-7394: package `freetds` update to version 1.4.10-alt1.c9.1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c9f2" + ], + "Products": [ + "ALT SPWorkstation", + "ALT SPServer" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-7394", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-7394", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades freetds to version 1.4.10-alt1.c9.1. \nSecurity Fix(es):\n\n * #50204: Прошу собрать с поддержкой krb5", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-05-07" + }, + "Updated": { + "Date": "2024-05-07" + }, + "BDUs": null, + "Bugzilla": [ + { + "ID": "50204", + "Href": "https://bugzilla.altlinux.org/50204", + "Data": "Прошу собрать с поддержкой krb5" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:8.4", + "cpe:/o:alt:spserver:8.4" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:3001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:20247394001", + "Comment": "freetds-utils is earlier than 0:1.4.10-alt1.c9.1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20247394002", + "Comment": "libfreetds is earlier than 0:1.4.10-alt1.c9.1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20247394003", + "Comment": "libfreetds-devel is earlier than 0:1.4.10-alt1.c9.1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20247394004", + "Comment": "libfreetds-unixodbc is earlier than 0:1.4.10-alt1.c9.1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c9f2/ALT-PU-2024-7394/objects.json b/oval/c9f2/ALT-PU-2024-7394/objects.json new file mode 100644 index 0000000000..22c1c2faf2 --- /dev/null +++ b/oval/c9f2/ALT-PU-2024-7394/objects.json @@ -0,0 +1,52 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:3001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:20247394001", + "Version": "1", + "Comment": "freetds-utils is installed", + "Name": "freetds-utils" + }, + { + "ID": "oval:org.altlinux.errata:obj:20247394002", + "Version": "1", + "Comment": "libfreetds is installed", + "Name": "libfreetds" + }, + { + "ID": "oval:org.altlinux.errata:obj:20247394003", + "Version": "1", + "Comment": "libfreetds-devel is installed", + "Name": "libfreetds-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:20247394004", + "Version": "1", + "Comment": "libfreetds-unixodbc is installed", + "Name": "libfreetds-unixodbc" + } + ] +} \ No newline at end of file diff --git a/oval/c9f2/ALT-PU-2024-7394/states.json b/oval/c9f2/ALT-PU-2024-7394/states.json new file mode 100644 index 0000000000..d3ca3db845 --- /dev/null +++ b/oval/c9f2/ALT-PU-2024-7394/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:3001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:20247394001", + "Version": "1", + "Comment": "package EVR is earlier than 0:1.4.10-alt1.c9.1", + "Arch": {}, + "EVR": { + "Text": "0:1.4.10-alt1.c9.1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c9f2/ALT-PU-2024-7394/tests.json b/oval/c9f2/ALT-PU-2024-7394/tests.json new file mode 100644 index 0000000000..e8ebda276e --- /dev/null +++ b/oval/c9f2/ALT-PU-2024-7394/tests.json @@ -0,0 +1,66 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:3001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c9f2' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:3001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:3001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:20247394001", + "Version": "1", + "Check": "all", + "Comment": "freetds-utils is earlier than 0:1.4.10-alt1.c9.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20247394001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20247394001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20247394002", + "Version": "1", + "Check": "all", + "Comment": "libfreetds is earlier than 0:1.4.10-alt1.c9.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20247394002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20247394001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20247394003", + "Version": "1", + "Check": "all", + "Comment": "libfreetds-devel is earlier than 0:1.4.10-alt1.c9.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20247394003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20247394001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20247394004", + "Version": "1", + "Check": "all", + "Comment": "libfreetds-unixodbc is earlier than 0:1.4.10-alt1.c9.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20247394004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20247394001" + } + } + ] +} \ No newline at end of file