pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-07-22 03:04:10 +00:00
parent 4048d5433e
commit 2ab15a11d7
14 changed files with 4543 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
oval/c10f1/ALT-PU-2021-2470/definitions.json
View File

@ -44,6 +44,11 @@
"RefURL": "https://bdu.fstec.ru/vul/2022-02251",
"Source": "BDU"
},
{
"RefID": "CVE-2008-3431",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Source": "CVE"
},
{
"RefID": "CVE-2021-2409",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-2409",
@ -65,7 +70,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades virtualbox to version 6.1.24-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01674: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01829: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02250: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02251: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2021-2409: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2021-2442: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).\n\n * CVE-2021-2443: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).\n\n * CVE-2021-2454: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"Description": "This update upgrades virtualbox to version 6.1.24-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01674: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01829: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02250: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02251: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2008-3431: The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\\\.\\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.\n\n * CVE-2021-2409: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2021-2442: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).\n\n * CVE-2021-2443: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).\n\n * CVE-2021-2454: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
@ -74,7 +79,7 @@
"Date": "2021-08-09"
},
"Updated": {
"Date": "2021-08-09"
"Date": "2024-07-21"
},
"BDUs": [
{
@ -115,6 +120,15 @@
}
],
"CVEs": [
{
"ID": "CVE-2008-3431",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Impact": "High",
"Public": "20080805"
},
{
"ID": "CVE-2021-2409",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",

18
oval/c10f1/ALT-PU-2023-5232/definitions.json
View File

@ -39,6 +39,11 @@
"RefURL": "https://bdu.fstec.ru/vul/2023-04240",
"Source": "BDU"
},
{
"RefID": "CVE-2008-3431",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Source": "CVE"
},
{
"RefID": "CVE-2023-22016",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-22016",
@ -55,7 +60,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades virtualbox to version 6.1.46-alt1. \nSecurity Fix(es):\n\n * BDU:2023-03898: Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-03925: Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю выполнить произвольный код или получить полный контроль над приложением\n\n * BDU:2023-04240: Уязвимость ядра виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-22016: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).\n\n * CVE-2023-22017: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n * CVE-2023-22018: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"Description": "This update upgrades virtualbox to version 6.1.46-alt1. \nSecurity Fix(es):\n\n * BDU:2023-03898: Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-03925: Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю выполнить произвольный код или получить полный контроль над приложением\n\n * BDU:2023-04240: Уязвимость ядра виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2008-3431: The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\\\.\\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.\n\n * CVE-2023-22016: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).\n\n * CVE-2023-22017: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n * CVE-2023-22018: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
@ -64,7 +69,7 @@
"Date": "2023-09-01"
},
"Updated": {
"Date": "2023-09-01"
"Date": "2024-07-21"
},
"BDUs": [
{
@ -96,6 +101,15 @@
}
],
"CVEs": [
{
"ID": "CVE-2008-3431",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Impact": "High",
"Public": "20080805"
},
{
"ID": "CVE-2023-22016",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",

873
oval/c10f1/ALT-PU-2024-9806/definitions.json Normal file
View File

@ -0,0 +1,873 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20249806",
"Version": "oval:org.altlinux.errata:def:20249806",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-9806: package `qemu` update to version 8.2.4-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-9806",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-9806",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03304",
"RefURL": "https://bdu.fstec.ru/vul/2024-03304",
"Source": "BDU"
},
{
"RefID": "BDU:2024-03819",
"RefURL": "https://bdu.fstec.ru/vul/2024-03819",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04887",
"RefURL": "https://bdu.fstec.ru/vul/2024-04887",
"Source": "BDU"
},
{
"RefID": "CVE-2024-3446",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-3446",
"Source": "CVE"
},
{
"RefID": "CVE-2024-3447",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-3447",
"Source": "CVE"
},
{
"RefID": "CVE-2024-3567",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-3567",
"Source": "CVE"
}
],
"Description": "This update upgrades qemu to version 8.2.4-alt0.p10.1. \nSecurity Fix(es):\n\n * BDU:2024-03304: Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с ошибкой повторного освобождения памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-03819: Уязвимость функции sdhci_write_dataport эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-04887: Уязвимость функции update_sctp_checksum() эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-3446: A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host, resulting in a denial of service or allow arbitrary code execution within the context of the QEMU process on the host.\n\n * CVE-2024-3447: description unavailable\n\n * CVE-2024-3567: A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-07-22"
},
"Updated": {
"Date": "2024-07-22"
},
"BDUs": [
{
"ID": "BDU:2024-03304",
"CVSS": "AV:L/AC:L/Au:M/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-415",
"Href": "https://bdu.fstec.ru/vul/2024-03304",
"Impact": "High",
"Public": "20240409"
},
{
"ID": "BDU:2024-03819",
"CVSS": "AV:L/AC:L/Au:M/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2024-03819",
"Impact": "Low",
"Public": "20240404"
},
{
"ID": "BDU:2024-04887",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-617",
"Href": "https://bdu.fstec.ru/vul/2024-04887",
"Impact": "Low",
"Public": "20240410"
}
],
"CVEs": [
{
"ID": "CVE-2024-3446",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-3446",
"Impact": "None",
"Public": "20240409"
},
{
"ID": "CVE-2024-3567",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-617",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-3567",
"Impact": "Low",
"Public": "20240410"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20249806001",
"Comment": "qemu is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806002",
"Comment": "qemu-audio-alsa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806003",
"Comment": "qemu-audio-dbus is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806004",
"Comment": "qemu-audio-oss is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806005",
"Comment": "qemu-audio-pa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806006",
"Comment": "qemu-audio-pipewire is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806007",
"Comment": "qemu-audio-sdl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806008",
"Comment": "qemu-audio-spice is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806009",
"Comment": "qemu-aux is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806010",
"Comment": "qemu-block-blkio is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806011",
"Comment": "qemu-block-curl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806012",
"Comment": "qemu-block-dmg is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806013",
"Comment": "qemu-block-gluster is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806014",
"Comment": "qemu-block-iscsi is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806015",
"Comment": "qemu-block-nfs is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806016",
"Comment": "qemu-block-rbd is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806017",
"Comment": "qemu-block-ssh is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806018",
"Comment": "qemu-block-vitastor is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806019",
"Comment": "qemu-char-spice is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806020",
"Comment": "qemu-common is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806021",
"Comment": "qemu-device-display-qxl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806022",
"Comment": "qemu-device-display-vhost-user-gpu is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806023",
"Comment": "qemu-device-display-virtio-gpu is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806024",
"Comment": "qemu-device-display-virtio-gpu-ccw is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806025",
"Comment": "qemu-device-display-virtio-gpu-gl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806026",
"Comment": "qemu-device-display-virtio-gpu-pci is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806027",
"Comment": "qemu-device-display-virtio-gpu-pci-gl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806028",
"Comment": "qemu-device-display-virtio-vga is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806029",
"Comment": "qemu-device-display-virtio-vga-gl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806030",
"Comment": "qemu-device-usb-host is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806031",
"Comment": "qemu-device-usb-redirect is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806032",
"Comment": "qemu-device-usb-smartcard is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806033",
"Comment": "qemu-doc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806034",
"Comment": "qemu-guest-agent is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806035",
"Comment": "qemu-img is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806036",
"Comment": "qemu-kvm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806037",
"Comment": "qemu-kvm-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806038",
"Comment": "qemu-pr-helper is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806039",
"Comment": "qemu-system is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806040",
"Comment": "qemu-system-aarch64 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806041",
"Comment": "qemu-system-aarch64-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806042",
"Comment": "qemu-system-alpha is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806043",
"Comment": "qemu-system-alpha-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806044",
"Comment": "qemu-system-arm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806045",
"Comment": "qemu-system-arm-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806046",
"Comment": "qemu-system-avr is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806047",
"Comment": "qemu-system-avr-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806048",
"Comment": "qemu-system-cris is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806049",
"Comment": "qemu-system-cris-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806050",
"Comment": "qemu-system-hppa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806051",
"Comment": "qemu-system-hppa-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806052",
"Comment": "qemu-system-loongarch is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806053",
"Comment": "qemu-system-loongarch-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806054",
"Comment": "qemu-system-m68k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806055",
"Comment": "qemu-system-m68k-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806056",
"Comment": "qemu-system-microblaze is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806057",
"Comment": "qemu-system-microblaze-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806058",
"Comment": "qemu-system-mips is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806059",
"Comment": "qemu-system-mips-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806060",
"Comment": "qemu-system-nios2 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806061",
"Comment": "qemu-system-nios2-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806062",
"Comment": "qemu-system-or1k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806063",
"Comment": "qemu-system-or1k-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806064",
"Comment": "qemu-system-ppc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806065",
"Comment": "qemu-system-ppc-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806066",
"Comment": "qemu-system-riscv is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806067",
"Comment": "qemu-system-riscv-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806068",
"Comment": "qemu-system-rx is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806069",
"Comment": "qemu-system-rx-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806070",
"Comment": "qemu-system-s390x is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806071",
"Comment": "qemu-system-s390x-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806072",
"Comment": "qemu-system-sh4 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806073",
"Comment": "qemu-system-sh4-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806074",
"Comment": "qemu-system-sparc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806075",
"Comment": "qemu-system-sparc-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806076",
"Comment": "qemu-system-tricore is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806077",
"Comment": "qemu-system-tricore-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806078",
"Comment": "qemu-system-x86 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806079",
"Comment": "qemu-system-x86-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806080",
"Comment": "qemu-system-xtensa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806081",
"Comment": "qemu-system-xtensa-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806082",
"Comment": "qemu-tests is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806083",
"Comment": "qemu-tools is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806084",
"Comment": "qemu-ui-curses is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806085",
"Comment": "qemu-ui-dbus is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806086",
"Comment": "qemu-ui-egl-headless is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806087",
"Comment": "qemu-ui-gtk is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806088",
"Comment": "qemu-ui-opengl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806089",
"Comment": "qemu-ui-sdl is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806090",
"Comment": "qemu-ui-spice-app is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806091",
"Comment": "qemu-ui-spice-core is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806092",
"Comment": "qemu-user is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806093",
"Comment": "qemu-user-aarch64 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806094",
"Comment": "qemu-user-alpha is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806095",
"Comment": "qemu-user-arm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806096",
"Comment": "qemu-user-avr is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806097",
"Comment": "qemu-user-binfmt is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806098",
"Comment": "qemu-user-binfmt-aarch64 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806099",
"Comment": "qemu-user-binfmt-alpha is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806100",
"Comment": "qemu-user-binfmt-arm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806101",
"Comment": "qemu-user-binfmt-avr is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806102",
"Comment": "qemu-user-binfmt-cris is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806103",
"Comment": "qemu-user-binfmt-hexagon is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806104",
"Comment": "qemu-user-binfmt-hppa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806105",
"Comment": "qemu-user-binfmt-loongarch is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806106",
"Comment": "qemu-user-binfmt-m68k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806107",
"Comment": "qemu-user-binfmt-microblaze is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806108",
"Comment": "qemu-user-binfmt-mips is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806109",
"Comment": "qemu-user-binfmt-nios2 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806110",
"Comment": "qemu-user-binfmt-or1k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806111",
"Comment": "qemu-user-binfmt-ppc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806112",
"Comment": "qemu-user-binfmt-riscv is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806113",
"Comment": "qemu-user-binfmt-rx is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806114",
"Comment": "qemu-user-binfmt-s390x is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806115",
"Comment": "qemu-user-binfmt-sh4 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806116",
"Comment": "qemu-user-binfmt-sparc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806117",
"Comment": "qemu-user-binfmt-tricore is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806118",
"Comment": "qemu-user-binfmt-x86 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806119",
"Comment": "qemu-user-binfmt-xtensa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806120",
"Comment": "qemu-user-cris is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806121",
"Comment": "qemu-user-hexagon is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806122",
"Comment": "qemu-user-hppa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806123",
"Comment": "qemu-user-loongarch is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806124",
"Comment": "qemu-user-m68k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806125",
"Comment": "qemu-user-microblaze is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806126",
"Comment": "qemu-user-mips is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806127",
"Comment": "qemu-user-nios2 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806128",
"Comment": "qemu-user-or1k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806129",
"Comment": "qemu-user-ppc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806130",
"Comment": "qemu-user-riscv is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806131",
"Comment": "qemu-user-rx is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806132",
"Comment": "qemu-user-s390x is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806133",
"Comment": "qemu-user-sh4 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806134",
"Comment": "qemu-user-sparc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806135",
"Comment": "qemu-user-static is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806136",
"Comment": "qemu-user-static-aarch64 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806137",
"Comment": "qemu-user-static-alpha is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806138",
"Comment": "qemu-user-static-arm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806139",
"Comment": "qemu-user-static-avr is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806140",
"Comment": "qemu-user-static-binfmt is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806141",
"Comment": "qemu-user-static-binfmt-aarch64 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806142",
"Comment": "qemu-user-static-binfmt-alpha is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806143",
"Comment": "qemu-user-static-binfmt-arm is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806144",
"Comment": "qemu-user-static-binfmt-avr is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806145",
"Comment": "qemu-user-static-binfmt-cris is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806146",
"Comment": "qemu-user-static-binfmt-hexagon is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806147",
"Comment": "qemu-user-static-binfmt-hppa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806148",
"Comment": "qemu-user-static-binfmt-loongarch is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806149",
"Comment": "qemu-user-static-binfmt-m68k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806150",
"Comment": "qemu-user-static-binfmt-microblaze is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806151",
"Comment": "qemu-user-static-binfmt-mips is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806152",
"Comment": "qemu-user-static-binfmt-nios2 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806153",
"Comment": "qemu-user-static-binfmt-or1k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806154",
"Comment": "qemu-user-static-binfmt-ppc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806155",
"Comment": "qemu-user-static-binfmt-riscv is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806156",
"Comment": "qemu-user-static-binfmt-rx is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806157",
"Comment": "qemu-user-static-binfmt-s390x is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806158",
"Comment": "qemu-user-static-binfmt-sh4 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806159",
"Comment": "qemu-user-static-binfmt-sparc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806160",
"Comment": "qemu-user-static-binfmt-tricore is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806161",
"Comment": "qemu-user-static-binfmt-x86 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806162",
"Comment": "qemu-user-static-binfmt-xtensa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806163",
"Comment": "qemu-user-static-cris is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806164",
"Comment": "qemu-user-static-hexagon is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806165",
"Comment": "qemu-user-static-hppa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806166",
"Comment": "qemu-user-static-loongarch is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806167",
"Comment": "qemu-user-static-m68k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806168",
"Comment": "qemu-user-static-microblaze is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806169",
"Comment": "qemu-user-static-mips is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806170",
"Comment": "qemu-user-static-nios2 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806171",
"Comment": "qemu-user-static-or1k is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806172",
"Comment": "qemu-user-static-ppc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806173",
"Comment": "qemu-user-static-riscv is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806174",
"Comment": "qemu-user-static-rx is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806175",
"Comment": "qemu-user-static-s390x is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806176",
"Comment": "qemu-user-static-sh4 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806177",
"Comment": "qemu-user-static-sparc is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806178",
"Comment": "qemu-user-static-tricore is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806179",
"Comment": "qemu-user-static-x86 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806180",
"Comment": "qemu-user-static-xtensa is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806181",
"Comment": "qemu-user-tricore is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806182",
"Comment": "qemu-user-x86 is earlier than 0:8.2.4-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249806183",
"Comment": "qemu-user-xtensa is earlier than 0:8.2.4-alt0.p10.1"
}
]
}
]
}
}
]
}

1126
oval/c10f1/ALT-PU-2024-9806/objects.json Normal file
View File

File diff suppressed because it is too large Load Diff

23
oval/c10f1/ALT-PU-2024-9806/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20249806001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.2.4-alt0.p10.1",
"Arch": {},
"EVR": {
"Text": "0:8.2.4-alt0.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

2214
oval/c10f1/ALT-PU-2024-9806/tests.json Normal file
View File

File diff suppressed because it is too large Load Diff

18
oval/c9f2/ALT-PU-2019-2303/definitions.json
View File

File diff suppressed because one or more lines are too long

18
oval/c9f2/ALT-PU-2021-1740/definitions.json
View File

File diff suppressed because one or more lines are too long

18
oval/p10/ALT-PU-2021-2470/definitions.json
View File

@ -49,6 +49,11 @@
"RefURL": "https://bdu.fstec.ru/vul/2022-02251",
"Source": "BDU"
},
{
"RefID": "CVE-2008-3431",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Source": "CVE"
},
{
"RefID": "CVE-2021-2409",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-2409",
@ -70,7 +75,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades virtualbox to version 6.1.24-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01674: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01829: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02250: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02251: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2021-2409: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2021-2442: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).\n\n * CVE-2021-2443: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).\n\n * CVE-2021-2454: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"Description": "This update upgrades virtualbox to version 6.1.24-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01674: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01829: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02250: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-02251: Уязвимость компонента Core программного средства виртуализации VM VirtualBox, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2008-3431: The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\\\.\\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.\n\n * CVE-2021-2409: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2021-2442: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).\n\n * CVE-2021-2443: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).\n\n * CVE-2021-2454: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
@ -79,7 +84,7 @@
"Date": "2021-08-09"
},
"Updated": {
"Date": "2021-08-09"
"Date": "2024-07-21"
},
"BDUs": [
{
@ -120,6 +125,15 @@
}
],
"CVEs": [
{
"ID": "CVE-2008-3431",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2008-3431",
"Impact": "High",
"Public": "20080805"
},
{
"ID": "CVE-2021-2409",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",

124
oval/p10/ALT-PU-2024-8987/definitions.json Normal file
View File

@ -0,0 +1,124 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20248987",
"Version": "oval:org.altlinux.errata:def:20248987",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-8987: package `tcpdump` update to version 4.99.4-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-8987",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-8987",
"Source": "ALTPU"
},
{
"RefID": "CVE-2018-16301",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-16301",
"Source": "CVE"
},
{
"RefID": "CVE-2020-8037",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-8037",
"Source": "CVE"
}
],
"Description": "This update upgrades tcpdump to version 4.99.4-alt1. \nSecurity Fix(es):\n\n * CVE-2018-16301: The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump.\n\n * CVE-2020-8037: The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-07-21"
},
"Updated": {
"Date": "2024-07-21"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2018-16301",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-16301",
"Impact": "High",
"Public": "20191003"
},
{
"ID": "CVE-2020-8037",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-8037",
"Impact": "High",
"Public": "20201104"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20248987001",
"Comment": "tcpdump is earlier than 1:4.99.4-alt1"
}
]
}
]
}
}
]
}

34
oval/p10/ALT-PU-2024-8987/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20248987001",
"Version": "1",
"Comment": "tcpdump is installed",
"Name": "tcpdump"
}
]
}

23
oval/p10/ALT-PU-2024-8987/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20248987001",
"Version": "1",
"Comment": "package EVR is earlier than 1:4.99.4-alt1",
"Arch": {},
"EVR": {
"Text": "1:4.99.4-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p10/ALT-PU-2024-8987/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20248987001",
"Version": "1",
"Check": "all",
"Comment": "tcpdump is earlier than 1:4.99.4-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20248987001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20248987001"
}
}
]
}

18
oval/p9/ALT-PU-2019-2303/definitions.json
View File

File diff suppressed because one or more lines are too long