ALT Vulnerability

Иван Пепеляев 2024-12-24 03:06:18 +00:00
parent 82604d0bd9
commit 2fdda5f4c6
48 changed files with 3445 additions and 0 deletions


@ -0,0 +1,116 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416978",
"Version": "oval:org.altlinux.errata:def:202416978",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16978: package `speex` update to version 1.2.1-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16978",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16978",
"Source": "ALTPU"
},
{
"RefID": "CVE-2020-23903",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-23903",
"Source": "CVE"
},
{
"RefID": "CVE-2020-23904",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-23904",
"Source": "CVE"
}
],
"Description": "This update upgrades speex to version 1.2.1-alt1. \nSecurity Fix(es):\n\n * CVE-2020-23903: A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file.\n\n * CVE-2020-23904: A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states \"I cannot reproduce it\" and it \"is a demo program.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2020-23903",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-369",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-23903",
"Impact": "Low",
"Public": "20211110"
},
{
"ID": "CVE-2020-23904",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-23904",
"Impact": "Low",
"Public": "20211110"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416978001",
"Comment": "libspeex is earlier than 0:1.2.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416978002",
"Comment": "libspeex-devel is earlier than 0:1.2.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416978003",
"Comment": "libspeex-devel-doc is earlier than 0:1.2.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416978004",
"Comment": "libspeex-devel-static is earlier than 0:1.2.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416978005",
"Comment": "speex is earlier than 0:1.2.1-alt1"
}
]
}
]
}
}
]
}


@ -0,0 +1,58 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416978001",
"Version": "1",
"Comment": "libspeex is installed",
"Name": "libspeex"
},
{
"ID": "oval:org.altlinux.errata:obj:202416978002",
"Version": "1",
"Comment": "libspeex-devel is installed",
"Name": "libspeex-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416978003",
"Version": "1",
"Comment": "libspeex-devel-doc is installed",
"Name": "libspeex-devel-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202416978004",
"Version": "1",
"Comment": "libspeex-devel-static is installed",
"Name": "libspeex-devel-static"
},
{
"ID": "oval:org.altlinux.errata:obj:202416978005",
"Version": "1",
"Comment": "speex is installed",
"Name": "speex"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416978001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.2.1-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.2.1-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
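Review bot: `ste:5001` is left as `"Text": {}`, so `tst:5001` ("ALT Linux based on branch 'c10f1' must be installed") appears to pass whenever the object's pattern matches at all; the captured `(\d+)` is never compared with a branch version. The object pattern shown earlier on this page, `sp(?:server|workstation):(\d+)`, would also match a CPE such as `cpe:/o:alt:spserver:8.4` from the c9f2 advisory, so c10f1 package criteria could fire on c9f2 hosts and give false findings. Consider having the state check the capture through OVAL's `subexpression` entity, or pinning the major version in the pattern itself. How this JSON is serialized to OVAL is not visible here, so confirm against the generator. The same empty state recurs as `ste:5001` in the vim section and as `ste:4001` and `ste:2001` further down.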


@ -0,0 +1,78 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416978001",
"Version": "1",
"Check": "all",
"Comment": "libspeex is earlier than 0:1.2.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416978001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416978001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416978002",
"Version": "1",
"Check": "all",
"Comment": "libspeex-devel is earlier than 0:1.2.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416978002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416978001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416978003",
"Version": "1",
"Check": "all",
"Comment": "libspeex-devel-doc is earlier than 0:1.2.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416978003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416978001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416978004",
"Version": "1",
"Check": "all",
"Comment": "libspeex-devel-static is earlier than 0:1.2.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416978004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416978001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416978005",
"Version": "1",
"Check": "all",
"Comment": "speex is earlier than 0:1.2.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416978005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416978001"
}
}
]
}


@ -0,0 +1,201 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417133",
"Version": "oval:org.altlinux.errata:def:202417133",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17133: package `vim` update to version 9.1.0917-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17133",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17133",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06299",
"RefURL": "https://bdu.fstec.ru/vul/2024-06299",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06478",
"RefURL": "https://bdu.fstec.ru/vul/2024-06478",
"Source": "BDU"
},
{
"RefID": "CVE-2024-41957",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Source": "CVE"
},
{
"RefID": "CVE-2024-41965",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45306",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 9.1.0917-alt2. \nSecurity Fix(es):\n\n * BDU:2024-06299: Уязвимость компонента File Name Handler текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-06478: Уязвимость функции tagstack_clear_entry() файла src/alloc.c текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2024-41957: Vim is an open source command line text editor. Vim \u003c v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,\nbut it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647\n\n * CVE-2024-41965: Vim is an open source command line text editor. double-free in dialog_changed() in Vim \u003c v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648.\n\n * CVE-2024-45306: Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. 
Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.\n\n * #49541: vim-common and vim-minimal conflict on merged-usr\n\n * #51821: Для закрытия CVE-2024-43374 необходимо обновить пакет\n\n * #52413: Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2024-06299",
"CVSS": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06299",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "BDU:2024-06478",
"CVSS": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06478",
"Impact": "Low",
"Public": "20240801"
}
],
"CVEs": [
{
"ID": "CVE-2024-41957",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-41965",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-45306",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Impact": "Low",
"Public": "20240902"
}
],
"Bugzilla": [
{
"ID": "49541",
"Href": "https://bugzilla.altlinux.org/49541",
"Data": "vim-common and vim-minimal conflict on merged-usr"
},
{
"ID": "51821",
"Href": "https://bugzilla.altlinux.org/51821",
"Data": "Для закрытия CVE-2024-43374 необходимо обновить пакет"
},
{
"ID": "52413",
"Href": "https://bugzilla.altlinux.org/52413",
"Data": "Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417133001",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133002",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133003",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133004",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133005",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133006",
"Comment": "vim-common is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133007",
"Comment": "vim-console is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133008",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133009",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133010",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133011",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417133012",
"Comment": "xxd is earlier than 4:9.1.0917-alt2"
}
]
}
]
}
}
]
}
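Review bot: CVE-2024-43374 is mentioned only inside the Bugzilla entry #51821 ("Для закрытия CVE-2024-43374 необходимо обновить пакет") and is absent from both `References` and `Advisory.CVEs`. A scanner that correlates on CVE IDs will therefore not link this definition to that CVE. If `4:9.1.0917-alt2` does carry the fix the bug asks for, list it alongside CVE-2024-41957, CVE-2024-41965 and CVE-2024-45306; if it does not, the bug should not appear as closed by this erratum.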


@ -0,0 +1,100 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417133001",
"Version": "1",
"Comment": "rpm-build-vim is installed",
"Name": "rpm-build-vim"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133002",
"Version": "1",
"Comment": "vim-X11 is installed",
"Name": "vim-X11"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133003",
"Version": "1",
"Comment": "vim-X11-gnome2 is installed",
"Name": "vim-X11-gnome2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133004",
"Version": "1",
"Comment": "vim-X11-gtk2 is installed",
"Name": "vim-X11-gtk2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133005",
"Version": "1",
"Comment": "vim-X11-gtk3 is installed",
"Name": "vim-X11-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133006",
"Version": "1",
"Comment": "vim-common is installed",
"Name": "vim-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133007",
"Version": "1",
"Comment": "vim-console is installed",
"Name": "vim-console"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133008",
"Version": "1",
"Comment": "vim-enhanced is installed",
"Name": "vim-enhanced"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133009",
"Version": "1",
"Comment": "vim-minimal is installed",
"Name": "vim-minimal"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133010",
"Version": "1",
"Comment": "vim-spell-source is installed",
"Name": "vim-spell-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133011",
"Version": "1",
"Comment": "vimtutor is installed",
"Name": "vimtutor"
},
{
"ID": "oval:org.altlinux.errata:obj:202417133012",
"Version": "1",
"Comment": "xxd is installed",
"Name": "xxd"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417133001",
"Version": "1",
"Comment": "package EVR is earlier than 4:9.1.0917-alt2",
"Arch": {},
"EVR": {
"Text": "4:9.1.0917-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,162 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417133001",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133002",
"Version": "1",
"Check": "all",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133003",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133004",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133005",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133006",
"Version": "1",
"Check": "all",
"Comment": "vim-common is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133007",
"Version": "1",
"Check": "all",
"Comment": "vim-console is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133008",
"Version": "1",
"Check": "all",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133009",
"Version": "1",
"Check": "all",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133010",
"Version": "1",
"Check": "all",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133011",
"Version": "1",
"Check": "all",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417133012",
"Version": "1",
"Check": "all",
"Comment": "xxd is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417133012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417133001"
}
}
]
}


@ -0,0 +1,105 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417304",
"Version": "oval:org.altlinux.errata:def:202417304",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17304: package `yodl` update to version 3.00.0-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17304",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17304",
"Source": "ALTPU"
},
{
"RefID": "BDU:2018-00035",
"RefURL": "https://bdu.fstec.ru/vul/2018-00035",
"Source": "BDU"
},
{
"RefID": "CVE-2016-10375",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-10375",
"Source": "CVE"
}
],
"Description": "This update upgrades yodl to version 3.00.0-alt2. \nSecurity Fix(es):\n\n * BDU:2018-00035: Уязвимость функции queue_push (queue/queuepush.c) пакета yodl, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность данных\n\n * CVE-2016-10375: Yodl before 3.07.01 has a Buffer Over-read in the queue_push function in queue/queuepush.c.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2018-00035",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2018-00035",
"Impact": "Critical",
"Public": "20160204"
}
],
"CVEs": [
{
"ID": "CVE-2016-10375",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-10375",
"Impact": "Critical",
"Public": "20170526"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417304001",
"Comment": "yodl is earlier than 1:3.00.0-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417304002",
"Comment": "yodl-docs is earlier than 1:3.00.0-alt2"
}
]
}
]
}
}
]
}
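Review bot: The criteria treat `1:3.00.0-alt2` as the fixed EVR, but the description quoted for CVE-2016-10375 says the over-read affects "Yodl before 3.07.01", so the build marked as patched is older than the upstream fixed release. That is consistent only if the -alt2 release backports the `queue_push` fix, and nothing in the definition records that. Since this entry is rated `Critical` and scanners will report hosts at 3.00.0-alt2 as remediated, confirm the backport against the package changelog and state it in `Description`. Separately, the product names here (`ALT SPWorkstation`, `ALT SPServer`) are spelled differently from the c10f1 definitions (`ALT SP Workstation`, `ALT SP Server`), which may break consumers that match on product strings.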


@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417304001",
"Version": "1",
"Comment": "yodl is installed",
"Name": "yodl"
},
{
"ID": "oval:org.altlinux.errata:obj:202417304002",
"Version": "1",
"Comment": "yodl-docs is installed",
"Name": "yodl-docs"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417304001",
"Version": "1",
"Comment": "package EVR is earlier than 1:3.00.0-alt2",
"Arch": {},
"EVR": {
"Text": "1:3.00.0-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417304001",
"Version": "1",
"Check": "all",
"Comment": "yodl is earlier than 1:3.00.0-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417304001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417304001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417304002",
"Version": "1",
"Check": "all",
"Comment": "yodl-docs is earlier than 1:3.00.0-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417304002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417304001"
}
}
]
}


@ -0,0 +1,90 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416504",
"Version": "oval:org.altlinux.errata:def:202416504",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16504: package `helix` update to version 24.07-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16504",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16504",
"Source": "ALTPU"
}
],
"Description": "This update upgrades helix to version 24.07-alt2. \nSecurity Fix(es):\n\n * #51062: Use HELIX_DEFAULT_RUNTIME before build instead of HELIX_RUNTIME at runtime",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "51062",
"Href": "https://bugzilla.altlinux.org/51062",
"Data": "Use HELIX_DEFAULT_RUNTIME before build instead of HELIX_RUNTIME at runtime"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416504001",
"Comment": "helix is earlier than 0:24.07-alt2"
}
]
}
]
}
}
]
}
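Review bot: `Description` lists Bugzilla #51062 under "Security Fix(es):" although this definition has no CVE or BDU at all (`"BDUs": null`, no `CVEs` key, and `References` holds only the ALTPU entry). Published as `"Class": "patch"` with a severity, it will be counted by consumers as a security advisory with no vulnerability behind it, which inflates scan findings. Consider a separate heading such as `Bug Fix(es):` for tracker items, or leaving non-security errata out of the OVAL feed. The postgrey definition (ALT-PU-2024-16510) has the same shape, and the vim description appends #49541, #51821 and #52413 under the same heading. Emitting `"CVEs": []` and `"BDUs": []` instead of mixing `null` with an absent key would also give consumers a stable shape.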


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416504001",
"Version": "1",
"Comment": "helix is installed",
"Name": "helix"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416504001",
"Version": "1",
"Comment": "package EVR is earlier than 0:24.07-alt2",
"Arch": {},
"EVR": {
"Text": "0:24.07-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416504001",
"Version": "1",
"Check": "all",
"Comment": "helix is earlier than 0:24.07-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416504001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416504001"
}
}
]
}


@ -0,0 +1,95 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416510",
"Version": "oval:org.altlinux.errata:def:202416510",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16510: package `postgrey` update to version 1.37-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16510",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16510",
"Source": "ALTPU"
}
],
"Description": "This update upgrades postgrey to version 1.37-alt2. \nSecurity Fix(es):\n\n * #29551: Postgrey \"падает\" после его запуска\n\n * #31037: не работоспособный пакет postgrey",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "29551",
"Href": "https://bugzilla.altlinux.org/29551",
"Data": "Postgrey \"падает\" после его запуска"
},
{
"ID": "31037",
"Href": "https://bugzilla.altlinux.org/31037",
"Data": "не работоспособный пакет postgrey"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416510001",
"Comment": "postgrey is earlier than 0:1.37-alt2"
}
]
}
]
}
}
]
}


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416510001",
"Version": "1",
"Comment": "postgrey is installed",
"Name": "postgrey"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416510001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.37-alt2",
"Arch": {},
"EVR": {
"Text": "0:1.37-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416510001",
"Version": "1",
"Check": "all",
"Comment": "postgrey is earlier than 0:1.37-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416510001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416510001"
}
}
]
}


@ -0,0 +1,207 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417145",
"Version": "oval:org.altlinux.errata:def:202417145",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17145: package `subversion` update to version 1.14.5-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17145",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17145",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-05773",
"RefURL": "https://bdu.fstec.ru/vul/2022-05773",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05791",
"RefURL": "https://bdu.fstec.ru/vul/2022-05791",
"Source": "BDU"
},
{
"RefID": "CVE-2021-28544",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-28544",
"Source": "CVE"
},
{
"RefID": "CVE-2022-24070",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-24070",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45720",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45720",
"Source": "CVE"
},
{
"RefID": "CVE-2024-46901",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-46901",
"Source": "CVE"
}
],
"Description": "This update upgrades subversion to version 1.14.5-alt1. \nSecurity Fix(es):\n\n * BDU:2022-05773: Уязвимость централизованной системы управления версиями Subversion, связанная с неправильной авторизацией, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2022-05791: Уязвимость модуля mod_dav_svn централизованной системы управления версиями Subversion, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2021-28544: Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact that the node was copied. Only the 'copyfrom' path is revealed; not its contents. Both httpd and svnserve servers are vulnerable.\n\n * CVE-2022-24070: Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.\n\n * CVE-2024-45720: On Windows platforms, a \"best fit\" character encoding conversion of command line arguments to Subversion's executables (e.g., svn.exe, etc.) may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line argument string is processed.\n\nAll versions of Subversion up to and including Subversion 1.14.3 are affected on Windows platforms only. 
Users are recommended to upgrade to version Subversion 1.14.4, which fixes this issue.\n\nSubversion is not affected on UNIX-like platforms.\n\n * CVE-2024-46901: Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository.\n\nAll versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue.\n\nRepositories served via other access methods are not affected.\n\n * #48441: rebuild with swig-4.1.1 produces undefined symbol: SWIG_InstallConstants",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2022-05773",
"CVSS": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-863",
"Href": "https://bdu.fstec.ru/vul/2022-05773",
"Impact": "Low",
"Public": "20220412"
},
{
"ID": "BDU:2022-05791",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-05791",
"Impact": "High",
"Public": "20220412"
}
],
"CVEs": [
{
"ID": "CVE-2021-28544",
"CVSS": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-28544",
"Impact": "Low",
"Public": "20220412"
},
{
"ID": "CVE-2022-24070",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-24070",
"Impact": "High",
"Public": "20220412"
},
{
"ID": "CVE-2024-45720",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45720",
"Impact": "None",
"Public": "20241009"
},
{
"ID": "CVE-2024-46901",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-46901",
"Impact": "None",
"Public": "20241209"
}
],
"Bugzilla": [
{
"ID": "48441",
"Href": "https://bugzilla.altlinux.org/48441",
"Data": "rebuild with swig-4.1.1 produces undefined symbol: SWIG_InstallConstants"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417145001",
"Comment": "libsubversion is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145002",
"Comment": "libsubversion-auth-gnome-keyring is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145003",
"Comment": "libsubversion-auth-kwallet is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145004",
"Comment": "libsubversion-devel is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145005",
"Comment": "subversion is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145006",
"Comment": "subversion-javahl is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145007",
"Comment": "subversion-perl is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145008",
"Comment": "subversion-server-common is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145009",
"Comment": "subversion-server-dav is earlier than 0:1.14.5-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417145010",
"Comment": "subversion-server-standalone is earlier than 0:1.14.5-alt1"
}
]
}
]
}
}
]
}
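Review bot: The `CVEs` entries for CVE-2024-45720 and CVE-2024-46901 carry `"Impact": "None"` with no `CVSS` or `CVSS3` field, which reads as "no impact" although the description text for both describes real effects (argument injection on Windows, a corrupted revision committed through mod_dav_svn). The value looks like it stands for "not yet scored". A consumer that filters or sorts on `Impact` would drop or down-rank these entries. Consider omitting `Impact` until a score exists, or using a distinct value such as `"Impact": "Unknown"`, and document what it means. The grafana definition in this commit has the same shape for CVE-2024-8118, where the advisory `Severity` of `Low` then rests on the BDU entry alone.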


@ -0,0 +1,88 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417145001",
"Version": "1",
"Comment": "libsubversion is installed",
"Name": "libsubversion"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145002",
"Version": "1",
"Comment": "libsubversion-auth-gnome-keyring is installed",
"Name": "libsubversion-auth-gnome-keyring"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145003",
"Version": "1",
"Comment": "libsubversion-auth-kwallet is installed",
"Name": "libsubversion-auth-kwallet"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145004",
"Version": "1",
"Comment": "libsubversion-devel is installed",
"Name": "libsubversion-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145005",
"Version": "1",
"Comment": "subversion is installed",
"Name": "subversion"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145006",
"Version": "1",
"Comment": "subversion-javahl is installed",
"Name": "subversion-javahl"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145007",
"Version": "1",
"Comment": "subversion-perl is installed",
"Name": "subversion-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145008",
"Version": "1",
"Comment": "subversion-server-common is installed",
"Name": "subversion-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145009",
"Version": "1",
"Comment": "subversion-server-dav is installed",
"Name": "subversion-server-dav"
},
{
"ID": "oval:org.altlinux.errata:obj:202417145010",
"Version": "1",
"Comment": "subversion-server-standalone is installed",
"Name": "subversion-server-standalone"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417145001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.14.5-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.14.5-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,138 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417145001",
"Version": "1",
"Check": "all",
"Comment": "libsubversion is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145002",
"Version": "1",
"Check": "all",
"Comment": "libsubversion-auth-gnome-keyring is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145003",
"Version": "1",
"Check": "all",
"Comment": "libsubversion-auth-kwallet is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145004",
"Version": "1",
"Check": "all",
"Comment": "libsubversion-devel is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145005",
"Version": "1",
"Check": "all",
"Comment": "subversion is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145006",
"Version": "1",
"Check": "all",
"Comment": "subversion-javahl is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145007",
"Version": "1",
"Check": "all",
"Comment": "subversion-perl is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145008",
"Version": "1",
"Check": "all",
"Comment": "subversion-server-common is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145009",
"Version": "1",
"Check": "all",
"Comment": "subversion-server-dav is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417145010",
"Version": "1",
"Check": "all",
"Comment": "subversion-server-standalone is earlier than 0:1.14.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417145010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417145001"
}
}
]
}


@ -0,0 +1,111 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417179",
"Version": "oval:org.altlinux.errata:def:202417179",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17179: package `grafana` update to version 11.2.2-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17179",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17179",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-07696",
"RefURL": "https://bdu.fstec.ru/vul/2024-07696",
"Source": "BDU"
},
{
"RefID": "CVE-2024-8118",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-8118",
"Source": "CVE"
}
],
"Description": "This update upgrades grafana to version 11.2.2-alt2. \nSecurity Fix(es):\n\n * BDU:2024-07696: Уязвимость интерфейса API Endpoint платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии\n\n * CVE-2024-8118: In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2024-07696",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-653",
"Href": "https://bdu.fstec.ru/vul/2024-07696",
"Impact": "Low",
"Public": "20240926"
}
],
"CVEs": [
{
"ID": "CVE-2024-8118",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-8118",
"Impact": "None",
"Public": "20240926"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417179001",
"Comment": "grafana is earlier than 0:11.2.2-alt2"
}
]
}
]
}
}
]
}


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417179001",
"Version": "1",
"Comment": "grafana is installed",
"Name": "grafana"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417179001",
"Version": "1",
"Comment": "package EVR is earlier than 0:11.2.2-alt2",
"Arch": {},
"EVR": {
"Text": "0:11.2.2-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417179001",
"Version": "1",
"Check": "all",
"Comment": "grafana is earlier than 0:11.2.2-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417179001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417179001"
}
}
]
}


@ -0,0 +1,199 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417154",
"Version": "oval:org.altlinux.errata:def:202417154",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17154: package `vim` update to version 9.1.0917-alt3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17154",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17154",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06299",
"RefURL": "https://bdu.fstec.ru/vul/2024-06299",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06478",
"RefURL": "https://bdu.fstec.ru/vul/2024-06478",
"Source": "BDU"
},
{
"RefID": "CVE-2024-41957",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Source": "CVE"
},
{
"RefID": "CVE-2024-41965",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45306",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 9.1.0917-alt3. \nSecurity Fix(es):\n\n * BDU:2024-06299: Уязвимость компонента File Name Handler текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-06478: Уязвимость функции tagstack_clear_entry() файла src/alloc.c текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2024-41957: Vim is an open source command line text editor. Vim \u003c v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,\nbut it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647\n\n * CVE-2024-41965: Vim is an open source command line text editor. double-free in dialog_changed() in Vim \u003c v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648.\n\n * CVE-2024-45306: Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. 
Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.\n\n * #51821: Для закрытия CVE-2024-43374 необходимо обновить пакет\n\n * #52413: Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch\n\n * #52424: Непрописанный файловый конфликт с пакетом vim-plugin-nim",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2024-06299",
"CVSS": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06299",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "BDU:2024-06478",
"CVSS": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06478",
"Impact": "Low",
"Public": "20240801"
}
],
"CVEs": [
{
"ID": "CVE-2024-41957",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-41965",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-45306",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Impact": "Low",
"Public": "20240902"
}
],
"Bugzilla": [
{
"ID": "51821",
"Href": "https://bugzilla.altlinux.org/51821",
"Data": "Для закрытия CVE-2024-43374 необходимо обновить пакет"
},
{
"ID": "52413",
"Href": "https://bugzilla.altlinux.org/52413",
"Data": "Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch"
},
{
"ID": "52424",
"Href": "https://bugzilla.altlinux.org/52424",
"Data": "Непрописанный файловый конфликт с пакетом vim-plugin-nim"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417154001",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154002",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154003",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154004",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154005",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154006",
"Comment": "vim-common is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154007",
"Comment": "vim-console is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154008",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154009",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154010",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154011",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417154012",
"Comment": "xxd is earlier than 4:9.1.0917-alt3"
}
]
}
]
}
}
]
}
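Review bot: Bugzilla entry 51821 in this definition says the package must be updated to close CVE-2024-43374, but that ID appears neither in `References` nor in the `CVEs` list, which name only CVE-2024-41957, CVE-2024-41965 and CVE-2024-45306. If 9.1.0917-alt3 does contain that fix, scanners and reports keyed on CVE ID will not associate this patch definition with CVE-2024-43374. Either add a `References` item and a `CVEs` item for it in the same form as the existing three, or confirm from the errata source that the fix is tracked under a different advisory.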


@ -0,0 +1,100 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417154001",
"Version": "1",
"Comment": "rpm-build-vim is installed",
"Name": "rpm-build-vim"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154002",
"Version": "1",
"Comment": "vim-X11 is installed",
"Name": "vim-X11"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154003",
"Version": "1",
"Comment": "vim-X11-gnome2 is installed",
"Name": "vim-X11-gnome2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154004",
"Version": "1",
"Comment": "vim-X11-gtk2 is installed",
"Name": "vim-X11-gtk2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154005",
"Version": "1",
"Comment": "vim-X11-gtk3 is installed",
"Name": "vim-X11-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154006",
"Version": "1",
"Comment": "vim-common is installed",
"Name": "vim-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154007",
"Version": "1",
"Comment": "vim-console is installed",
"Name": "vim-console"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154008",
"Version": "1",
"Comment": "vim-enhanced is installed",
"Name": "vim-enhanced"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154009",
"Version": "1",
"Comment": "vim-minimal is installed",
"Name": "vim-minimal"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154010",
"Version": "1",
"Comment": "vim-spell-source is installed",
"Name": "vim-spell-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154011",
"Version": "1",
"Comment": "vimtutor is installed",
"Name": "vimtutor"
},
{
"ID": "oval:org.altlinux.errata:obj:202417154012",
"Version": "1",
"Comment": "xxd is installed",
"Name": "xxd"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417154001",
"Version": "1",
"Comment": "package EVR is earlier than 4:9.1.0917-alt3",
"Arch": {},
"EVR": {
"Text": "4:9.1.0917-alt3",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,162 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417154001",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154002",
"Version": "1",
"Check": "all",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154003",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154004",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154005",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154006",
"Version": "1",
"Check": "all",
"Comment": "vim-common is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154007",
"Version": "1",
"Check": "all",
"Comment": "vim-console is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154008",
"Version": "1",
"Check": "all",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154009",
"Version": "1",
"Check": "all",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154010",
"Version": "1",
"Check": "all",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154011",
"Version": "1",
"Check": "all",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417154012",
"Version": "1",
"Check": "all",
"Comment": "xxd is earlier than 4:9.1.0917-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417154012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417154001"
}
}
]
}


@ -0,0 +1,127 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417274",
"Version": "oval:org.altlinux.errata:def:202417274",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17274: package `python3-module-django` update to version 4.2.17-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17274",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17274",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-10874",
"RefURL": "https://bdu.fstec.ru/vul/2024-10874",
"Source": "BDU"
},
{
"RefID": "CVE-2024-53907",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907",
"Source": "CVE"
},
{
"RefID": "CVE-2024-53908",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53908",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-django to version 4.2.17-alt1. \nSecurity Fix(es):\n\n * BDU:2024-10874: Уязвимость класса django.db.models.fields.json.HasKey программной платформы для веб-приложений Django, позволяющая нарушителю выполнить произвольный SQL-код\n\n * CVE-2024-53907: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.\n\n * CVE-2024-53908: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. (Applications that use the jsonfield.has_key lookup via __ are unaffected.)",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": [
{
"ID": "BDU:2024-10874",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"CWE": "CWE-89",
"Href": "https://bdu.fstec.ru/vul/2024-10874",
"Impact": "Critical",
"Public": "20241204"
}
],
"CVEs": [
{
"ID": "CVE-2024-53907",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907",
"Impact": "None",
"Public": "20241206"
},
{
"ID": "CVE-2024-53908",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53908",
"Impact": "None",
"Public": "20241206"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417274001",
"Comment": "python3-module-django is earlier than 0:4.2.17-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417274002",
"Comment": "python3-module-django-dbbackend-mysql is earlier than 0:4.2.17-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417274003",
"Comment": "python3-module-django-dbbackend-oracle is earlier than 0:4.2.17-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417274004",
"Comment": "python3-module-django-dbbackend-postgresql is earlier than 0:4.2.17-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417274005",
"Comment": "python3-module-django-dbbackend-sqlite3 is earlier than 0:4.2.17-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417274006",
"Comment": "python3-module-django-doc is earlier than 0:4.2.17-alt1"
}
]
}
]
}
}
]
}
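Review bot: Both entries in `Advisory.CVEs` (CVE-2024-53907 and CVE-2024-53908) carry `"Impact": "None"` with no CVSS or CWE fields, which reads as "no impact" rather than "not scored yet", even though this same definition describes CVE-2024-53908 as SQL injection. A consumer that triages on the per-CVE `Impact` would drop these, so I would omit `Impact` until a score exists, or use a value that cannot be confused with the CVSS "None" rating. The CVE-2024-56128 entry in the kafka definition has the same problem. Separately, the BDU `CVSS3` value `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N` lacks the `CVSS:3.x/` prefix that a CVSS v3 vector string starts with, so strict vector parsers may reject it.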


@ -0,0 +1,64 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417274001",
"Version": "1",
"Comment": "python3-module-django is installed",
"Name": "python3-module-django"
},
{
"ID": "oval:org.altlinux.errata:obj:202417274002",
"Version": "1",
"Comment": "python3-module-django-dbbackend-mysql is installed",
"Name": "python3-module-django-dbbackend-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202417274003",
"Version": "1",
"Comment": "python3-module-django-dbbackend-oracle is installed",
"Name": "python3-module-django-dbbackend-oracle"
},
{
"ID": "oval:org.altlinux.errata:obj:202417274004",
"Version": "1",
"Comment": "python3-module-django-dbbackend-postgresql is installed",
"Name": "python3-module-django-dbbackend-postgresql"
},
{
"ID": "oval:org.altlinux.errata:obj:202417274005",
"Version": "1",
"Comment": "python3-module-django-dbbackend-sqlite3 is installed",
"Name": "python3-module-django-dbbackend-sqlite3"
},
{
"ID": "oval:org.altlinux.errata:obj:202417274006",
"Version": "1",
"Comment": "python3-module-django-doc is installed",
"Name": "python3-module-django-doc"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417274001",
"Version": "1",
"Comment": "package EVR is earlier than 0:4.2.17-alt1",
"Arch": {},
"EVR": {
"Text": "0:4.2.17-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
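Review bot: The `TextFileContent54State` `ste:3001` holds only `"Text": {}` and no constraint, so as far as this file shows, test `tst:3001` passes on any host whose `/etc/os-release` matches the object pattern, not only on branch p11 as the test comment says. The pattern captures the major version in group 1, but nothing compares it, so p11 definitions would also evaluate, and possibly report, on other non-SP ALT branches. If that is not intended, the state should pin the captured value, for example `"Subexpression": {"Datatype": "int", "Operation": "equals", "Text": "11"}`. The identical state is repeated in the fwupd, kitty and kafka state files of this commit.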


@ -0,0 +1,90 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417274001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417274002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django-dbbackend-mysql is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417274003",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django-dbbackend-oracle is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417274004",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django-dbbackend-postgresql is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417274005",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django-dbbackend-sqlite3 is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417274006",
"Version": "1",
"Check": "all",
"Comment": "python3-module-django-doc is earlier than 0:4.2.17-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417274006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417274001"
}
}
]
}


@ -0,0 +1,95 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417362",
"Version": "oval:org.altlinux.errata:def:202417362",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17362: package `fwupd` update to version 2.0.3-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17362",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17362",
"Source": "ALTPU"
}
],
"Description": "This update upgrades fwupd to version 2.0.3-alt1. \nSecurity Fix(es):\n\n * #52485: Обновление до версии 2.0.3",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "52485",
"Href": "https://bugzilla.altlinux.org/52485",
"Data": "Обновление до версии 2.0.3"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417362001",
"Comment": "fwupd is earlier than 0:2.0.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417362002",
"Comment": "fwupd-plugin-modem-manager is earlier than 0:2.0.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417362003",
"Comment": "fwupd-tests is earlier than 0:2.0.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417362004",
"Comment": "libfwupd-devel is earlier than 0:2.0.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417362005",
"Comment": "libfwupd-devel-docs is earlier than 0:2.0.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417362006",
"Comment": "libfwupd3 is earlier than 0:2.0.3-alt1"
}
]
}
]
}
}
]
}
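Review bot: The `Description` lists Bugzilla entry #52485 ("Обновление до версии 2.0.3", a version-update request) under the heading "Security Fix(es)", while the definition has `"Class": "patch"`, `"Severity": "Low"`, `"BDUs": null` and no CVE. Nothing here tells a scanner operator whether the update fixes a vulnerability, so routine upgrades become indistinguishable from security errata. The kitty definition (#51691, #51734) has the same shape. I would emit a neutral heading such as `Fixes:` when the advisory has only Bugzilla references, and add the Bugzilla URLs to `References`, which currently holds only the ALTPU entry.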


@ -0,0 +1,64 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417362001",
"Version": "1",
"Comment": "fwupd is installed",
"Name": "fwupd"
},
{
"ID": "oval:org.altlinux.errata:obj:202417362002",
"Version": "1",
"Comment": "fwupd-plugin-modem-manager is installed",
"Name": "fwupd-plugin-modem-manager"
},
{
"ID": "oval:org.altlinux.errata:obj:202417362003",
"Version": "1",
"Comment": "fwupd-tests is installed",
"Name": "fwupd-tests"
},
{
"ID": "oval:org.altlinux.errata:obj:202417362004",
"Version": "1",
"Comment": "libfwupd-devel is installed",
"Name": "libfwupd-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202417362005",
"Version": "1",
"Comment": "libfwupd-devel-docs is installed",
"Name": "libfwupd-devel-docs"
},
{
"ID": "oval:org.altlinux.errata:obj:202417362006",
"Version": "1",
"Comment": "libfwupd3 is installed",
"Name": "libfwupd3"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417362001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.0.3-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.0.3-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,90 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417362001",
"Version": "1",
"Check": "all",
"Comment": "fwupd is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417362002",
"Version": "1",
"Check": "all",
"Comment": "fwupd-plugin-modem-manager is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417362003",
"Version": "1",
"Check": "all",
"Comment": "fwupd-tests is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417362004",
"Version": "1",
"Check": "all",
"Comment": "libfwupd-devel is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417362005",
"Version": "1",
"Check": "all",
"Comment": "libfwupd-devel-docs is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417362006",
"Version": "1",
"Check": "all",
"Comment": "libfwupd3 is earlier than 0:2.0.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417362006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417362001"
}
}
]
}


@ -0,0 +1,92 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417366",
"Version": "oval:org.altlinux.errata:def:202417366",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17366: package `kitty` update to version 0.38.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17366",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17366",
"Source": "ALTPU"
}
],
"Description": "This update upgrades kitty to version 0.38.0-alt1. \nSecurity Fix(es):\n\n * #51691: Нет нужных provides\n\n * #51734: Прошу обновить пакет kitty",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "51691",
"Href": "https://bugzilla.altlinux.org/51691",
"Data": "Нет нужных provides"
},
{
"ID": "51734",
"Href": "https://bugzilla.altlinux.org/51734",
"Data": "Прошу обновить пакет kitty"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417366001",
"Comment": "kitty is earlier than 0:0.38.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417366002",
"Comment": "kitty-kitten is earlier than 0:0.38.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417366003",
"Comment": "kitty-shell-integration is earlier than 0:0.38.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417366004",
"Comment": "kitty-terminfo is earlier than 0:0.38.0-alt1"
}
]
}
]
}
}
]
}


@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417366001",
"Version": "1",
"Comment": "kitty is installed",
"Name": "kitty"
},
{
"ID": "oval:org.altlinux.errata:obj:202417366002",
"Version": "1",
"Comment": "kitty-kitten is installed",
"Name": "kitty-kitten"
},
{
"ID": "oval:org.altlinux.errata:obj:202417366003",
"Version": "1",
"Comment": "kitty-shell-integration is installed",
"Name": "kitty-shell-integration"
},
{
"ID": "oval:org.altlinux.errata:obj:202417366004",
"Version": "1",
"Comment": "kitty-terminfo is installed",
"Name": "kitty-terminfo"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417366001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.38.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.38.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417366001",
"Version": "1",
"Check": "all",
"Comment": "kitty is earlier than 0:0.38.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417366001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417366001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417366002",
"Version": "1",
"Check": "all",
"Comment": "kitty-kitten is earlier than 0:0.38.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417366002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417366001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417366003",
"Version": "1",
"Check": "all",
"Comment": "kitty-shell-integration is earlier than 0:0.38.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417366003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417366001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417366004",
"Version": "1",
"Check": "all",
"Comment": "kitty-terminfo is earlier than 0:0.38.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417366004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417366001"
}
}
]
}


@ -0,0 +1,81 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417425",
"Version": "oval:org.altlinux.errata:def:202417425",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17425: package `kafka` update to version 3.8.1-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17425",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17425",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-56128",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-56128",
"Source": "CVE"
}
],
"Description": "This update upgrades kafka to version 3.8.1-alt1. \nSecurity Fix(es):\n\n * CVE-2024-56128: Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation.\n\nIssue Summary:\nApache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1].\nSpecifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the nonce sent by the server in its first message.\nHowever, Kafka's SCRAM implementation did not perform this validation.\n\nImpact:\nThis vulnerability is exploitable only when an attacker has plaintext access to the SCRAM authentication exchange. However, the usage of SCRAM over plaintext is strongly\ndiscouraged as it is considered an insecure practice [2]. Apache Kafka recommends deploying SCRAM exclusively with TLS encryption to protect SCRAM exchanges from interception [3].\nDeployments using SCRAM with TLS are not affected by this issue.\n\nHow to Detect If You Are Impacted:\nIf your deployment uses SCRAM authentication over plaintext communication channels (without TLS encryption), you are likely impacted.\nTo check if TLS is enabled, review your server.properties configuration file for listeners property. 
If you have SASL_PLAINTEXT in the listeners, then you are likely impacted.\n\nFix Details:\nThe issue has been addressed by introducing nonce verification in the final message of the SCRAM authentication exchange to ensure compliance with RFC 5802.\n\nAffected Versions:\nApache Kafka versions 0.10.2.0 through 3.9.0, excluding the fixed versions below.\n\nFixed Versions:\n3.9.0\n3.8.1\n3.7.2\n\nUsers are advised to upgrade to 3.7.2 or later to mitigate this issue.\n\nRecommendations for Mitigation:\nUsers unable to upgrade to the fixed versions can mitigate the issue by:\n- Using TLS with SCRAM Authentication:\nAlways deploy SCRAM over TLS to encrypt authentication exchanges and protect against interception.\n- Considering Alternative Authentication Mechanisms:\nEvaluate alternative authentication mechanisms, such as PLAIN, Kerberos or OAuth with TLS, which provide additional layers of security.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-23"
},
"Updated": {
"Date": "2024-12-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-56128",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-56128",
"Impact": "None",
"Public": "20241218"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417425001",
"Comment": "kafka is earlier than 0:3.8.1-alt1"
}
]
}
]
}
}
]
}
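Review bot: `"Severity": "Low"` is the same value the fwupd and kitty definitions get for routine version updates, yet this description covers an authentication flaw (missing SCRAM nonce verification) whose CVE entry has no score yet. It looks like a fallback rather than an assessment, which is worth confirming with the generator. An unscored advisory should be distinguishable from one assessed as low, otherwise severity-filtered patch policies will skip it. Also, the `Description` string appears to contain a raw line break after "listeners property. " instead of `\n`; if that is in the file and not an artifact of this page, strict JSON parsers will reject the document.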


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417425001",
"Version": "1",
"Comment": "kafka is installed",
"Name": "kafka"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417425001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.8.1-alt1",
"Arch": {},
"EVR": {
"Text": "0:3.8.1-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417425001",
"Version": "1",
"Check": "all",
"Comment": "kafka is earlier than 0:3.8.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417425001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417425001"
}
}
]
}