ALT Vulnerability

Иван Пепеляев 2024-10-31 16:59:21 +00:00
parent 7a1924c040
commit 36f745221e
470 changed files with 21206 additions and 43162 deletions


@ -85,10 +85,10 @@
{
"ID": "CVE-2018-1000021",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000021",
"Impact": "High",
"Impact": "Low",
"Public": "20180209"
},
{
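Review bot: The new `"Impact": "Low"` for CVE-2018-1000021 does not line up with the CVSS 3.1 qualitative scale for the vector set a few lines above it: `AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L` works out to a base score of 5.0, which the specification rates Medium. The next file section shows the same pattern, where the new CVE-2018-20839 vector `AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N` (about 4.3) is also labelled Low. If this feed's Impact scale deliberately has no Medium tier, that mapping should be documented alongside whatever generates these files, because consumers that filter or alert on `Impact` will rank these entries below what the score suggests. If the scale does follow CVSS, the label should be derived from the vector rather than set independently.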


@ -43,7 +43,7 @@
"Description": "This update upgrades systemd to version 243-alt1. \nSecurity Fix(es):\n\n * BDU:2020-05729: Уязвимость подсистемы инициализации и управления службами в Linux systemd, связанная с неосвобождением ресурса после истечения действительного срока его эксплуатации, позволяющая нарушителю вызвать отказ в обслуживаниии\n\n * CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.\n\n * CVE-2019-20386: An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-09-05"
@ -66,10 +66,10 @@
{
"ID": "CVE-2018-20839",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-200",
"CVSS3": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20839",
"Impact": "Critical",
"Impact": "Low",
"Public": "20190517"
},
{
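Review bot: The legacy `"CVSS"` line for CVE-2018-20839 still reads `AV:N/AC:M/Au:N/C:P/I:N/A:N` while the new `"CVSS3"` line moves the attack vector to `AV:P`, so the two vectors in the same entry now disagree on whether the issue is reachable over the network. A consumer that still ranks on the v2 field will keep treating this as remote. The first hunk also lowers the advisory `"Severity"` from Critical to Low, yet the Description lists BDU:2020-05729 and CVE-2019-20386 as well, and their entries are outside the visible hunks, so it cannot be confirmed here that Low is the highest rating across all three. I would regenerate both vector fields from the same upstream snapshot and state in the commit message which source the re-scoring came from. The replacement of `CWE-200` with `NVD-CWE-noinfo` also drops a classification that triage rules may key on.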


@ -80,7 +80,7 @@
{
"ID": "CVE-2021-20193",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-20193",
"Impact": "Low",


@ -1,279 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20234519",
"Version": "oval:org.altlinux.errata:def:20234519",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-4519: package `samba` update to version 4.16.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-4519",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-4519",
"Source": "ALTPU"
},
{
"RefID": "CVE-2022-2127",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2127",
"Source": "CVE"
},
{
"RefID": "CVE-2023-34966",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34966",
"Source": "CVE"
},
{
"RefID": "CVE-2023-34967",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34967",
"Source": "CVE"
},
{
"RefID": "CVE-2023-34968",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34968",
"Source": "CVE"
}
],
"Description": "This update upgrades samba to version 4.16.11-alt1. \nSecurity Fix(es):\n\n * CVE-2022-2127: An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.\n\n * CVE-2023-34966: An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.\n\n * CVE-2023-34967: A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. 
With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.\n\n * CVE-2023-34968: A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.\n\n * #46966: Secure channel faulty since Windows 10/11 update 07/2023",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-07-23"
},
"Updated": {
"Date": "2023-07-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2022-2127",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2127",
"Impact": "Low",
"Public": "20230720"
},
{
"ID": "CVE-2023-34966",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34966",
"Impact": "High",
"Public": "20230720"
},
{
"ID": "CVE-2023-34967",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-843",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34967",
"Impact": "Low",
"Public": "20230720"
},
{
"ID": "CVE-2023-34968",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34968",
"Impact": "Low",
"Public": "20230720"
}
],
"Bugzilla": [
{
"ID": "46966",
"Href": "https://bugzilla.altlinux.org/46966",
"Data": "Secure channel faulty since Windows 10/11 update 07/2023"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20234519001",
"Comment": "admx-samba is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519002",
"Comment": "libldb-modules-dc is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519003",
"Comment": "libsmbclient is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519004",
"Comment": "libsmbclient-devel is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519005",
"Comment": "libwbclient is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519006",
"Comment": "libwbclient-devel is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519007",
"Comment": "python3-module-samba is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519008",
"Comment": "python3-module-samba-devel is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519009",
"Comment": "samba is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519010",
"Comment": "samba-client is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519011",
"Comment": "samba-common is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519012",
"Comment": "samba-common-client is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519013",
"Comment": "samba-common-libs is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519014",
"Comment": "samba-common-tools is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519015",
"Comment": "samba-ctdb is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519016",
"Comment": "samba-dc is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519017",
"Comment": "samba-dc-client is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519018",
"Comment": "samba-dc-common is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519019",
"Comment": "samba-dc-libs is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519020",
"Comment": "samba-dc-mitkrb5 is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519021",
"Comment": "samba-devel is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519022",
"Comment": "samba-doc is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519023",
"Comment": "samba-krb5-printing is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519024",
"Comment": "samba-libs is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519025",
"Comment": "samba-pidl is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519026",
"Comment": "samba-test is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519027",
"Comment": "samba-usershares is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519028",
"Comment": "samba-util-private-headers is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519029",
"Comment": "samba-vfs-cephfs is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519030",
"Comment": "samba-vfs-glusterfs is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519031",
"Comment": "samba-vfs-snapper is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519032",
"Comment": "samba-winbind is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519033",
"Comment": "samba-winbind-clients is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519034",
"Comment": "samba-winbind-common is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519035",
"Comment": "samba-winbind-krb5-localauth is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519036",
"Comment": "samba-winbind-krb5-locator is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519037",
"Comment": "task-samba-dc is earlier than 0:4.16.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20234519038",
"Comment": "task-samba-dc-mitkrb5 is earlier than 0:4.16.11-alt1"
}
]
}
]
}
}
]
}


@ -1,256 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20234519001",
"Version": "1",
"Comment": "admx-samba is installed",
"Name": "admx-samba"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519002",
"Version": "1",
"Comment": "libldb-modules-dc is installed",
"Name": "libldb-modules-dc"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519003",
"Version": "1",
"Comment": "libsmbclient is installed",
"Name": "libsmbclient"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519004",
"Version": "1",
"Comment": "libsmbclient-devel is installed",
"Name": "libsmbclient-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519005",
"Version": "1",
"Comment": "libwbclient is installed",
"Name": "libwbclient"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519006",
"Version": "1",
"Comment": "libwbclient-devel is installed",
"Name": "libwbclient-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519007",
"Version": "1",
"Comment": "python3-module-samba is installed",
"Name": "python3-module-samba"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519008",
"Version": "1",
"Comment": "python3-module-samba-devel is installed",
"Name": "python3-module-samba-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519009",
"Version": "1",
"Comment": "samba is installed",
"Name": "samba"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519010",
"Version": "1",
"Comment": "samba-client is installed",
"Name": "samba-client"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519011",
"Version": "1",
"Comment": "samba-common is installed",
"Name": "samba-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519012",
"Version": "1",
"Comment": "samba-common-client is installed",
"Name": "samba-common-client"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519013",
"Version": "1",
"Comment": "samba-common-libs is installed",
"Name": "samba-common-libs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519014",
"Version": "1",
"Comment": "samba-common-tools is installed",
"Name": "samba-common-tools"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519015",
"Version": "1",
"Comment": "samba-ctdb is installed",
"Name": "samba-ctdb"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519016",
"Version": "1",
"Comment": "samba-dc is installed",
"Name": "samba-dc"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519017",
"Version": "1",
"Comment": "samba-dc-client is installed",
"Name": "samba-dc-client"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519018",
"Version": "1",
"Comment": "samba-dc-common is installed",
"Name": "samba-dc-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519019",
"Version": "1",
"Comment": "samba-dc-libs is installed",
"Name": "samba-dc-libs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519020",
"Version": "1",
"Comment": "samba-dc-mitkrb5 is installed",
"Name": "samba-dc-mitkrb5"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519021",
"Version": "1",
"Comment": "samba-devel is installed",
"Name": "samba-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519022",
"Version": "1",
"Comment": "samba-doc is installed",
"Name": "samba-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519023",
"Version": "1",
"Comment": "samba-krb5-printing is installed",
"Name": "samba-krb5-printing"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519024",
"Version": "1",
"Comment": "samba-libs is installed",
"Name": "samba-libs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519025",
"Version": "1",
"Comment": "samba-pidl is installed",
"Name": "samba-pidl"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519026",
"Version": "1",
"Comment": "samba-test is installed",
"Name": "samba-test"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519027",
"Version": "1",
"Comment": "samba-usershares is installed",
"Name": "samba-usershares"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519028",
"Version": "1",
"Comment": "samba-util-private-headers is installed",
"Name": "samba-util-private-headers"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519029",
"Version": "1",
"Comment": "samba-vfs-cephfs is installed",
"Name": "samba-vfs-cephfs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519030",
"Version": "1",
"Comment": "samba-vfs-glusterfs is installed",
"Name": "samba-vfs-glusterfs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519031",
"Version": "1",
"Comment": "samba-vfs-snapper is installed",
"Name": "samba-vfs-snapper"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519032",
"Version": "1",
"Comment": "samba-winbind is installed",
"Name": "samba-winbind"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519033",
"Version": "1",
"Comment": "samba-winbind-clients is installed",
"Name": "samba-winbind-clients"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519034",
"Version": "1",
"Comment": "samba-winbind-common is installed",
"Name": "samba-winbind-common"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519035",
"Version": "1",
"Comment": "samba-winbind-krb5-localauth is installed",
"Name": "samba-winbind-krb5-localauth"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519036",
"Version": "1",
"Comment": "samba-winbind-krb5-locator is installed",
"Name": "samba-winbind-krb5-locator"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519037",
"Version": "1",
"Comment": "task-samba-dc is installed",
"Name": "task-samba-dc"
},
{
"ID": "oval:org.altlinux.errata:obj:20234519038",
"Version": "1",
"Comment": "task-samba-dc-mitkrb5 is installed",
"Name": "task-samba-dc-mitkrb5"
}
]
}


@ -1,474 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20234519001",
"Version": "1",
"Check": "all",
"Comment": "admx-samba is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519002",
"Version": "1",
"Check": "all",
"Comment": "libldb-modules-dc is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519003",
"Version": "1",
"Check": "all",
"Comment": "libsmbclient is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519004",
"Version": "1",
"Check": "all",
"Comment": "libsmbclient-devel is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519005",
"Version": "1",
"Check": "all",
"Comment": "libwbclient is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519006",
"Version": "1",
"Check": "all",
"Comment": "libwbclient-devel is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519007",
"Version": "1",
"Check": "all",
"Comment": "python3-module-samba is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519008",
"Version": "1",
"Check": "all",
"Comment": "python3-module-samba-devel is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519009",
"Version": "1",
"Check": "all",
"Comment": "samba is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519010",
"Version": "1",
"Check": "all",
"Comment": "samba-client is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519011",
"Version": "1",
"Check": "all",
"Comment": "samba-common is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519012",
"Version": "1",
"Check": "all",
"Comment": "samba-common-client is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519013",
"Version": "1",
"Check": "all",
"Comment": "samba-common-libs is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519014",
"Version": "1",
"Check": "all",
"Comment": "samba-common-tools is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519015",
"Version": "1",
"Check": "all",
"Comment": "samba-ctdb is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519016",
"Version": "1",
"Check": "all",
"Comment": "samba-dc is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519017",
"Version": "1",
"Check": "all",
"Comment": "samba-dc-client is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519018",
"Version": "1",
"Check": "all",
"Comment": "samba-dc-common is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519019",
"Version": "1",
"Check": "all",
"Comment": "samba-dc-libs is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519020",
"Version": "1",
"Check": "all",
"Comment": "samba-dc-mitkrb5 is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519021",
"Version": "1",
"Check": "all",
"Comment": "samba-devel is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519022",
"Version": "1",
"Check": "all",
"Comment": "samba-doc is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519023",
"Version": "1",
"Check": "all",
"Comment": "samba-krb5-printing is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519024",
"Version": "1",
"Check": "all",
"Comment": "samba-libs is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519025",
"Version": "1",
"Check": "all",
"Comment": "samba-pidl is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519026",
"Version": "1",
"Check": "all",
"Comment": "samba-test is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519026"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519027",
"Version": "1",
"Check": "all",
"Comment": "samba-usershares is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519027"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519028",
"Version": "1",
"Check": "all",
"Comment": "samba-util-private-headers is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519028"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519029",
"Version": "1",
"Check": "all",
"Comment": "samba-vfs-cephfs is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519029"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519030",
"Version": "1",
"Check": "all",
"Comment": "samba-vfs-glusterfs is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519030"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519031",
"Version": "1",
"Check": "all",
"Comment": "samba-vfs-snapper is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519031"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519032",
"Version": "1",
"Check": "all",
"Comment": "samba-winbind is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519032"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519033",
"Version": "1",
"Check": "all",
"Comment": "samba-winbind-clients is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519033"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519034",
"Version": "1",
"Check": "all",
"Comment": "samba-winbind-common is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519034"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519035",
"Version": "1",
"Check": "all",
"Comment": "samba-winbind-krb5-localauth is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519035"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519036",
"Version": "1",
"Check": "all",
"Comment": "samba-winbind-krb5-locator is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519036"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519037",
"Version": "1",
"Check": "all",
"Comment": "task-samba-dc is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519037"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234519038",
"Version": "1",
"Check": "all",
"Comment": "task-samba-dc-mitkrb5 is earlier than 0:4.16.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234519038"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234519001"
}
}
]
}

File diff suppressed because one or more lines are too long


@ -1,54 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20235061001",
"Version": "1",
"Check": "all",
"Comment": "redis is earlier than 0:7.0.12-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235061001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235061001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235061002",
"Version": "1",
"Check": "all",
"Comment": "redis-cli is earlier than 0:7.0.12-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235061002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235061001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235061003",
"Version": "1",
"Check": "all",
"Comment": "redis-devel is earlier than 0:7.0.12-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235061003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235061001"
}
}
]
}


@ -1,81 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20235307",
"Version": "oval:org.altlinux.errata:def:20235307",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-5307: package `realmd` update to version 0.17.1-alt5",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-5307",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-5307",
"Source": "ALTPU"
}
],
"Description": "This update upgrades realmd to version 0.17.1-alt5. \nSecurity Fix(es):\n\n * #47410: Не хватает необходимых пакетов для ввода в домен Active Directory",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-08-31"
},
"Updated": {
"Date": "2023-08-31"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "47410",
"Href": "https://bugzilla.altlinux.org/47410",
"Data": "Не хватает необходимых пакетов для ввода в домен Active Directory"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20235307001",
"Comment": "realmd is earlier than 0:0.17.1-alt5"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235307002",
"Comment": "realmd-devel-docs is earlier than 0:0.17.1-alt5"
}
]
}
]
}
}
]
}


@ -1,110 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20235561",
"Version": "oval:org.altlinux.errata:def:20235561",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-5561: package `salt` update to version 3006.3-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-5561",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-5561",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-20897",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-20897",
"Source": "CVE"
},
{
"RefID": "CVE-2023-20898",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-20898",
"Source": "CVE"
}
],
"Description": "This update upgrades salt to version 3006.3-alt2. \nSecurity Fix(es):\n\n * CVE-2023-20897: Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.\n\n\n * CVE-2023-20898: Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.\n",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-09-12"
},
"Updated": {
"Date": "2023-09-12"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-20897",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-404",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-20897",
"Impact": "Low",
"Public": "20230905"
},
{
"ID": "CVE-2023-20898",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-20898",
"Impact": "High",
"Public": "20230905"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20235561001",
"Comment": "python3-module-salt is earlier than 0:3006.3-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235561002",
"Comment": "salt-api is earlier than 0:3006.3-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235561003",
"Comment": "salt-master is earlier than 0:3006.3-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235561004",
"Comment": "salt-minion is earlier than 0:3006.3-alt2"
}
]
}
]
}
}
]
}


@ -1,66 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20235561001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-salt is earlier than 0:3006.3-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235561001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235561001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235561002",
"Version": "1",
"Check": "all",
"Comment": "salt-api is earlier than 0:3006.3-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235561002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235561001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235561003",
"Version": "1",
"Check": "all",
"Comment": "salt-master is earlier than 0:3006.3-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235561003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235561001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235561004",
"Version": "1",
"Check": "all",
"Comment": "salt-minion is earlier than 0:3006.3-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235561004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235561001"
}
}
]
}


@ -1,178 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20237014",
"Version": "oval:org.altlinux.errata:def:20237014",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-7014: package `golang` update to version 1.20.10-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-7014",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-7014",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-06559",
"RefURL": "https://bdu.fstec.ru/vul/2023-06559",
"Source": "BDU"
},
{
"RefID": "BDU:2023-07013",
"RefURL": "https://bdu.fstec.ru/vul/2023-07013",
"Source": "BDU"
},
{
"RefID": "BDU:2023-07201",
"RefURL": "https://bdu.fstec.ru/vul/2023-07201",
"Source": "BDU"
},
{
"RefID": "CVE-2023-39323",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323",
"Source": "CVE"
},
{
"RefID": "CVE-2023-39325",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"Source": "CVE"
},
{
"RefID": "CVE-2023-44487",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"Source": "CVE"
}
],
"Description": "This update upgrades golang to version 1.20.10-alt1. \nSecurity Fix(es):\n\n * BDU:2023-06559: Уязвимость реализации протокола HTTP/2, связанная с возможностью формирования потока запросов в рамках уже установленного сетевого соединения, без открытия новых сетевых соединений и без подтверждения получения пакетов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-07013: Уязвимость пакета http2 языка программирования Go, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-07201: Уязвимость директивы \u0026quot;//line\u0026quot; языка программирования Go, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-39323: Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.\n\n * CVE-2023-39325: A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. 
The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.\n\n * CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-11-07"
},
"Updated": {
"Date": "2023-11-07"
},
"BDUs": [
{
"ID": "BDU:2023-06559",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://bdu.fstec.ru/vul/2023-06559",
"Impact": "High",
"Public": "20231010"
},
{
"ID": "BDU:2023-07013",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://bdu.fstec.ru/vul/2023-07013",
"Impact": "High",
"Public": "20231006"
},
{
"ID": "BDU:2023-07201",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-94",
"Href": "https://bdu.fstec.ru/vul/2023-07201",
"Impact": "Critical",
"Public": "20230510"
}
],
"CVEs": [
{
"ID": "CVE-2023-39323",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323",
"Impact": "High",
"Public": "20231005"
},
{
"ID": "CVE-2023-39325",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
"Impact": "High",
"Public": "20231011"
},
{
"ID": "CVE-2023-44487",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487",
"Impact": "High",
"Public": "20231010"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20237014001",
"Comment": "golang is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014002",
"Comment": "golang-docs is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014003",
"Comment": "golang-gdb is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014004",
"Comment": "golang-misc is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014005",
"Comment": "golang-shared is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014006",
"Comment": "golang-src is earlier than 0:1.20.10-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20237014007",
"Comment": "golang-tests is earlier than 0:1.20.10-alt1"
}
]
}
]
}
}
]
}


@ -1,70 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20237014001",
"Version": "1",
"Comment": "golang is installed",
"Name": "golang"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014002",
"Version": "1",
"Comment": "golang-docs is installed",
"Name": "golang-docs"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014003",
"Version": "1",
"Comment": "golang-gdb is installed",
"Name": "golang-gdb"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014004",
"Version": "1",
"Comment": "golang-misc is installed",
"Name": "golang-misc"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014005",
"Version": "1",
"Comment": "golang-shared is installed",
"Name": "golang-shared"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014006",
"Version": "1",
"Comment": "golang-src is installed",
"Name": "golang-src"
},
{
"ID": "oval:org.altlinux.errata:obj:20237014007",
"Version": "1",
"Comment": "golang-tests is installed",
"Name": "golang-tests"
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20237014001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.10-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.20.10-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,102 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20237014001",
"Version": "1",
"Check": "all",
"Comment": "golang is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014002",
"Version": "1",
"Check": "all",
"Comment": "golang-docs is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014003",
"Version": "1",
"Check": "all",
"Comment": "golang-gdb is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014004",
"Version": "1",
"Check": "all",
"Comment": "golang-misc is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014005",
"Version": "1",
"Check": "all",
"Comment": "golang-shared is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014006",
"Version": "1",
"Check": "all",
"Comment": "golang-src is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20237014007",
"Version": "1",
"Check": "all",
"Comment": "golang-tests is earlier than 0:1.20.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20237014007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20237014001"
}
}
]
}


@ -75,7 +75,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades squid to version 6.5-alt1. \nSecurity Fix(es):\n\n * BDU:2023-07699: Уязвимость прокси-сервера Squid, связанная с ошибками при проверке сертификата SSL/TLS, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-07920: Уязвимость обработчика аутентификации HTTP Digest Authentication прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие\n\n * BDU:2023-08061: Уязвимость прокси-сервера Squid, связана с неправильным обращением с исключительными условиями и неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-08062: Уязвимость прокси-сервера Squid, связана с неправильным преобразованием между числовыми типами и неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-08063: Уязвимость декодера chunked прокси-сервера Squid, \nпозволяющая нарушителю взаимодействовать с сервером напрямую\n\n * CVE-2023-46724: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. 
Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.\n\n * CVE-2023-46846: SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.\n\n * CVE-2023-46847: Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.\n\n * CVE-2023-46848: Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.\n\n * CVE-2023-5824: Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.",
"Description": "This update upgrades squid to version 6.5-alt1. \nSecurity Fix(es):\n\n * BDU:2023-07699: Уязвимость прокси-сервера Squid, связанная с ошибками при проверке сертификата SSL/TLS, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-07920: Уязвимость обработчика аутентификации HTTP Digest Authentication прокси-сервера Squid, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие\n\n * BDU:2023-08061: Уязвимость прокси-сервера Squid, связана с неправильным обращением с исключительными условиями и неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-08062: Уязвимость прокси-сервера Squid, связана с неправильным преобразованием между числовыми типами и неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-08063: Уязвимость декодера chunked прокси-сервера Squid, \nпозволяющая нарушителю взаимодействовать с сервером напрямую\n\n * CVE-2023-46724: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. 
Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.\n\n * CVE-2023-46846: SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.\n\n * CVE-2023-46847: Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.\n\n * CVE-2023-46848: Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.\n\n * CVE-2023-5824: A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",


@ -60,9 +60,10 @@
"CVEs": [
{
"ID": "CVE-2024-5154",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
"CWE": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5154",
"Impact": "None",
"Impact": "High",
"Public": "20240612"
}
],
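Review bot: The advisory-level `"Severity"` field of this erratum lies outside the hunk, so it is not visible whether it was recomputed now that the `CVE-2024-5154` entry moves from `"Impact": "None"` to `"Impact": "High"`; scanners and dashboards that triage OVAL definitions on `Severity` would keep under-ranking this update if it still reflects the unscored state. The removed line also shows that `"None"` was standing in for "no CVSS vector yet", which a consumer cannot tell apart from a genuine CVSS rating of None. For entries that still lack `"CVSS3"` I would leave `"Impact"` out (or use a dedicated placeholder the schema documents) rather than emit `"Impact": "None"`. The enclosing `Advisory` object starts and ends outside the hunk.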


@ -1,81 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411074",
"Version": "oval:org.altlinux.errata:def:202411074",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11074: package `python-module-six` update to version 1.16.0-alt1.p10",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11074",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11074",
"Source": "ALTPU"
}
],
"Description": "This update upgrades python-module-six to version 1.16.0-alt1.p10. \nSecurity Fix(es):\n\n * #40787: Просьба обновить python3-module-six до 1.16.0",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-04"
},
"Updated": {
"Date": "2024-09-04"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "40787",
"Href": "https://bugzilla.altlinux.org/40787",
"Data": "Просьба обновить python3-module-six до 1.16.0"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411074001",
"Comment": "python-module-six is earlier than 0:1.16.0-alt1.p10"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411074002",
"Comment": "python3-module-six is earlier than 0:1.16.0-alt1.p10"
}
]
}
]
}
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411074001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.16.0-alt1.p10",
"Arch": {},
"EVR": {
"Text": "0:1.16.0-alt1.p10",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,42 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411074001",
"Version": "1",
"Check": "all",
"Comment": "python-module-six is earlier than 0:1.16.0-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411074001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411074001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411074002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-six is earlier than 0:1.16.0-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411074002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411074001"
}
}
]
}


@ -1,104 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411773",
"Version": "oval:org.altlinux.errata:def:202411773",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11773: package `openstack-cinder` update to version 22.1.1-alt1.p10",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11773",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11773",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-00689",
"RefURL": "https://bdu.fstec.ru/vul/2023-00689",
"Source": "BDU"
},
{
"RefID": "CVE-2022-47951",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Source": "CVE"
}
],
"Description": "This update upgrades openstack-cinder to version 22.1.1-alt1.p10. \nSecurity Fix(es):\n\n * BDU:2023-00689: Уязвимость сервиса блочного хранения данных Openstack Cinder, связанная с использованием файлов и каталогов, доступных внешним сторонам, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2022-47951: An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-28"
},
"Updated": {
"Date": "2024-08-28"
},
"BDUs": [
{
"ID": "BDU:2023-00689",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:P/A:P",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"CWE": "CWE-552",
"Href": "https://bdu.fstec.ru/vul/2023-00689",
"Impact": "High",
"Public": "20230124"
}
],
"CVEs": [
{
"ID": "CVE-2022-47951",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Impact": "Low",
"Public": "20230126"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411773001",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.p10"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411773002",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.p10"
}
]
}
]
}
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411773001",
"Version": "1",
"Comment": "package EVR is earlier than 1:22.1.1-alt1.p10",
"Arch": {},
"EVR": {
"Text": "1:22.1.1-alt1.p10",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,42 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411773001",
"Version": "1",
"Check": "all",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411773001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411773001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411773002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411773002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411773001"
}
}
]
}


@ -1,250 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412013",
"Version": "oval:org.altlinux.errata:def:202412013",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12013: package `zabbix` update to version 7.0.3-alt0.c10f1.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12013",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12013",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03942",
"RefURL": "https://bdu.fstec.ru/vul/2024-03942",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06204",
"RefURL": "https://bdu.fstec.ru/vul/2024-06204",
"Source": "BDU"
},
{
"RefID": "CVE-2024-22116",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22116",
"Source": "CVE"
},
{
"RefID": "CVE-2024-22120",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22120",
"Source": "CVE"
},
{
"RefID": "CVE-2024-36462",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-36462",
"Source": "CVE"
}
],
"Description": "This update upgrades zabbix to version 7.0.3-alt0.c10f1.1. \nSecurity Fix(es):\n\n * BDU:2024-03942: Уязвимость сервера универсальной системы мониторинга Zabbix Workstation, связанная с ошибками при обработке входных данных, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-06204: Уязвимость компонента «Мониторинг хостов» универсальной системы мониторинга Zabbix, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2024-22116: An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure.\n\n * CVE-2024-22120: Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to \"Audit Log\". Due to \"clientip\" field is not sanitized, it is possible to injection SQL into \"clientip\" and exploit time based blind SQL injection.\n\n * CVE-2024-36462: Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-03"
},
"Updated": {
"Date": "2024-09-03"
},
"BDUs": [
{
"ID": "BDU:2024-03942",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2024-03942",
"Impact": "Critical",
"Public": "20240517"
},
{
"ID": "BDU:2024-06204",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-94",
"Href": "https://bdu.fstec.ru/vul/2024-06204",
"Impact": "Critical",
"Public": "20240809"
}
],
"CVEs": [
{
"ID": "CVE-2024-22116",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22116",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-22120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22120",
"Impact": "None",
"Public": "20240517"
},
{
"ID": "CVE-2024-36462",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-36462",
"Impact": "None",
"Public": "20240812"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412013001",
"Comment": "zabbix-agent is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013002",
"Comment": "zabbix-agent-sudo is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013003",
"Comment": "zabbix-agent2 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013004",
"Comment": "zabbix-common is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013005",
"Comment": "zabbix-common-database-mysql is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013006",
"Comment": "zabbix-common-database-pgsql is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013007",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013008",
"Comment": "zabbix-contrib is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013009",
"Comment": "zabbix-doc is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013010",
"Comment": "zabbix-java-gateway is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013011",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013012",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013013",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013014",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013015",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013016",
"Comment": "zabbix-phpfrontend-nginx is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013017",
"Comment": "zabbix-phpfrontend-nginx-php8.0-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013018",
"Comment": "zabbix-phpfrontend-nginx-php8.1-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013019",
"Comment": "zabbix-phpfrontend-nginx-php8.2-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013020",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013021",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013022",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013023",
"Comment": "zabbix-proxy is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013024",
"Comment": "zabbix-proxy-common is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013025",
"Comment": "zabbix-proxy-pgsql is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013026",
"Comment": "zabbix-server-common is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013027",
"Comment": "zabbix-server-mysql is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013028",
"Comment": "zabbix-server-pgsql is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013029",
"Comment": "zabbix-source is earlier than 1:7.0.3-alt0.c10f1.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412013030",
"Comment": "zabbix-web-service is earlier than 1:7.0.3-alt0.c10f1.1"
}
]
}
]
}
}
]
}


@ -1,208 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412013001",
"Version": "1",
"Comment": "zabbix-agent is installed",
"Name": "zabbix-agent"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013002",
"Version": "1",
"Comment": "zabbix-agent-sudo is installed",
"Name": "zabbix-agent-sudo"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013003",
"Version": "1",
"Comment": "zabbix-agent2 is installed",
"Name": "zabbix-agent2"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013004",
"Version": "1",
"Comment": "zabbix-common is installed",
"Name": "zabbix-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013005",
"Version": "1",
"Comment": "zabbix-common-database-mysql is installed",
"Name": "zabbix-common-database-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013006",
"Version": "1",
"Comment": "zabbix-common-database-pgsql is installed",
"Name": "zabbix-common-database-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013007",
"Version": "1",
"Comment": "zabbix-common-database-sqlite3 is installed",
"Name": "zabbix-common-database-sqlite3"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013008",
"Version": "1",
"Comment": "zabbix-contrib is installed",
"Name": "zabbix-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013009",
"Version": "1",
"Comment": "zabbix-doc is installed",
"Name": "zabbix-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013010",
"Version": "1",
"Comment": "zabbix-java-gateway is installed",
"Name": "zabbix-java-gateway"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013011",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2 is installed",
"Name": "zabbix-phpfrontend-apache2"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013012",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013013",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013014",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013015",
"Version": "1",
"Comment": "zabbix-phpfrontend-engine is installed",
"Name": "zabbix-phpfrontend-engine"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013016",
"Version": "1",
"Comment": "zabbix-phpfrontend-nginx is installed",
"Name": "zabbix-phpfrontend-nginx"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013017",
"Version": "1",
"Comment": "zabbix-phpfrontend-nginx-php8.0-fpm-fcgi is installed",
"Name": "zabbix-phpfrontend-nginx-php8.0-fpm-fcgi"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013018",
"Version": "1",
"Comment": "zabbix-phpfrontend-nginx-php8.1-fpm-fcgi is installed",
"Name": "zabbix-phpfrontend-nginx-php8.1-fpm-fcgi"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013019",
"Version": "1",
"Comment": "zabbix-phpfrontend-nginx-php8.2-fpm-fcgi is installed",
"Name": "zabbix-phpfrontend-nginx-php8.2-fpm-fcgi"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013020",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.0 is installed",
"Name": "zabbix-phpfrontend-php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013021",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.1 is installed",
"Name": "zabbix-phpfrontend-php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013022",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.2 is installed",
"Name": "zabbix-phpfrontend-php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013023",
"Version": "1",
"Comment": "zabbix-proxy is installed",
"Name": "zabbix-proxy"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013024",
"Version": "1",
"Comment": "zabbix-proxy-common is installed",
"Name": "zabbix-proxy-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013025",
"Version": "1",
"Comment": "zabbix-proxy-pgsql is installed",
"Name": "zabbix-proxy-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013026",
"Version": "1",
"Comment": "zabbix-server-common is installed",
"Name": "zabbix-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013027",
"Version": "1",
"Comment": "zabbix-server-mysql is installed",
"Name": "zabbix-server-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013028",
"Version": "1",
"Comment": "zabbix-server-pgsql is installed",
"Name": "zabbix-server-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013029",
"Version": "1",
"Comment": "zabbix-source is installed",
"Name": "zabbix-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202412013030",
"Version": "1",
"Comment": "zabbix-web-service is installed",
"Name": "zabbix-web-service"
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412013001",
"Version": "1",
"Comment": "package EVR is earlier than 1:7.0.3-alt0.c10f1.1",
"Arch": {},
"EVR": {
"Text": "1:7.0.3-alt0.c10f1.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,378 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412013001",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013002",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent-sudo is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013003",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent2 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013004",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013005",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-mysql is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013006",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-pgsql is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013007",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013008",
"Version": "1",
"Check": "all",
"Comment": "zabbix-contrib is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013009",
"Version": "1",
"Check": "all",
"Comment": "zabbix-doc is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013010",
"Version": "1",
"Check": "all",
"Comment": "zabbix-java-gateway is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013011",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013012",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013013",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013014",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013015",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013016",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-nginx is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013017",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-nginx-php8.0-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013018",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-nginx-php8.1-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013019",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-nginx-php8.2-fpm-fcgi is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013020",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013021",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013022",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013023",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013024",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-common is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013025",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-pgsql is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013026",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-common is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013026"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013027",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-mysql is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013027"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013028",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-pgsql is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013028"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013029",
"Version": "1",
"Check": "all",
"Comment": "zabbix-source is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013029"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412013030",
"Version": "1",
"Check": "all",
"Comment": "zabbix-web-service is earlier than 1:7.0.3-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412013030"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412013001"
}
}
]
}


@ -1,102 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412456",
"Version": "oval:org.altlinux.errata:def:202412456",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12456: package `gst-plugins-bad1.0` update to version 1.20.7-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12456",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12456",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-08257",
"RefURL": "https://bdu.fstec.ru/vul/2023-08257",
"Source": "BDU"
},
{
"RefID": "CVE-2023-44446",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Source": "CVE"
}
],
"Description": "This update upgrades gst-plugins-bad1.0 to version 1.20.7-alt1. \nSecurity Fix(es):\n\n * BDU:2023-08257: Уязвимость парсера MXF-файлов мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-44446: GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-11"
},
"Updated": {
"Date": "2024-09-11"
},
"BDUs": [
{
"ID": "BDU:2023-08257",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-08257",
"Impact": "High",
"Public": "20231019"
}
],
"CVEs": [
{
"ID": "CVE-2023-44446",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Impact": "None",
"Public": "20240503"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412456001",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412456002",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt1"
}
]
}
]
}
}
]
}


@ -1,40 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412456001",
"Version": "1",
"Comment": "gst-plugins-bad1.0 is installed",
"Name": "gst-plugins-bad1.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202412456002",
"Version": "1",
"Comment": "gst-plugins-bad1.0-devel is installed",
"Name": "gst-plugins-bad1.0-devel"
}
]
}


@ -1,42 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412456001",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412456001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412456001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412456002",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412456002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412456001"
}
}
]
}


@ -0,0 +1,200 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202413685",
"Version": "oval:org.altlinux.errata:def:202413685",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-13685: package `bind` update to version 9.18.30-alt0.c10f2.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-13685",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-13685",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-05771",
"RefURL": "https://bdu.fstec.ru/vul/2024-05771",
"Source": "BDU"
},
{
"RefID": "BDU:2024-05964",
"RefURL": "https://bdu.fstec.ru/vul/2024-05964",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06134",
"RefURL": "https://bdu.fstec.ru/vul/2024-06134",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06188",
"RefURL": "https://bdu.fstec.ru/vul/2024-06188",
"Source": "BDU"
},
{
"RefID": "CVE-2024-0760",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0760",
"Source": "CVE"
},
{
"RefID": "CVE-2024-1737",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
"Source": "CVE"
},
{
"RefID": "CVE-2024-1975",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
"Source": "CVE"
},
{
"RefID": "CVE-2024-4076",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-4076",
"Source": "CVE"
}
],
"Description": "This update upgrades bind to version 9.18.30-alt0.c10f2.1. \nSecurity Fix(es):\n\n * BDU:2024-05771: Уязвимость DNS-сервера BIND, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-05964: Уязвимость DNS-сервера BIND, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-06134: Уязвимость DNS-сервера BIND, связанная с использованием функции assert() или похожего оператора, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-06188: Уязвимость DNS-сервера BIND, связанная с распределением ресурсов без ограничений и регулирования, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-0760: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-1737: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-1975: If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 
through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-4076: Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * #49573: dig: DoH support not enabled\n\n * #51450: Невозможно получить статистику bind (rndc stats) со стандартным конфигурационным файлом",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-28"
},
"Updated": {
"Date": "2024-10-28"
},
"BDUs": [
{
"ID": "BDU:2024-05771",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://bdu.fstec.ru/vul/2024-05771",
"Impact": "High",
"Public": "20240710"
},
{
"ID": "BDU:2024-05964",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2024-05964",
"Impact": "High",
"Public": "20240710"
},
{
"ID": "BDU:2024-06134",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-617",
"Href": "https://bdu.fstec.ru/vul/2024-06134",
"Impact": "High",
"Public": "20240423"
},
{
"ID": "BDU:2024-06188",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2024-06188",
"Impact": "High",
"Public": "20240723"
}
],
"CVEs": [
{
"ID": "CVE-2024-0760",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0760",
"Impact": "High",
"Public": "20240723"
},
{
"ID": "CVE-2024-1737",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
"Impact": "High",
"Public": "20240723"
},
{
"ID": "CVE-2024-1975",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
"Impact": "High",
"Public": "20240723"
},
{
"ID": "CVE-2024-4076",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4076",
"Impact": "None",
"Public": "20240723"
}
],
"Bugzilla": [
{
"ID": "49573",
"Href": "https://bugzilla.altlinux.org/49573",
"Data": "dig: DoH support not enabled"
},
{
"ID": "51450",
"Href": "https://bugzilla.altlinux.org/51450",
"Data": "Невозможно получить статистику bind (rndc stats) со стандартным конфигурационным файлом"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202413685001",
"Comment": "bind is earlier than 0:9.18.30-alt0.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202413685002",
"Comment": "bind-devel is earlier than 0:9.18.30-alt0.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202413685003",
"Comment": "bind-utils is earlier than 0:9.18.30-alt0.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202413685004",
"Comment": "libbind is earlier than 0:9.18.30-alt0.c10f2.1"
}
]
}
]
}
}
]
}
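Review bot: The `CVE-2024-4076` record in `CVEs` is written with `"Impact": "None"` and no `CVSS3`, while the three sibling CVEs are `High` and `BDU:2024-06134` (CWE-617, which reads like the same assertion-failure issue) is rated `High` with `A:H`. A scanner or triage rule that keys on the per-CVE `Impact` would rank a network-reachable crash as no-impact. When no CVSS data is available at generation time, I would leave `Impact` out of the record or carry the rating of the matching BDU entry rather than emit `None`. Separately, the title and criteria name a `c10f2` build (`9.18.30-alt0.c10f2.1`) under platform `ALT Linux branch c10f1`; worth confirming that this is intended.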


@ -25,28 +25,28 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20235561001",
"ID": "oval:org.altlinux.errata:obj:202413685001",
"Version": "1",
"Comment": "python3-module-salt is installed",
"Name": "python3-module-salt"
"Comment": "bind is installed",
"Name": "bind"
},
{
"ID": "oval:org.altlinux.errata:obj:20235561002",
"ID": "oval:org.altlinux.errata:obj:202413685002",
"Version": "1",
"Comment": "salt-api is installed",
"Name": "salt-api"
"Comment": "bind-devel is installed",
"Name": "bind-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20235561003",
"ID": "oval:org.altlinux.errata:obj:202413685003",
"Version": "1",
"Comment": "salt-master is installed",
"Name": "salt-master"
"Comment": "bind-utils is installed",
"Name": "bind-utils"
},
{
"ID": "oval:org.altlinux.errata:obj:20235561004",
"ID": "oval:org.altlinux.errata:obj:202413685004",
"Version": "1",
"Comment": "salt-minion is installed",
"Name": "salt-minion"
"Comment": "libbind is installed",
"Name": "libbind"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202413685001",
"Version": "1",
"Comment": "package EVR is earlier than 0:9.18.30-alt0.c10f2.1",
"Arch": {},
"EVR": {
"Text": "0:9.18.30-alt0.c10f2.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
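Review bot: `ste:4001` is written with an empty `"Text": {}`, so nothing in this state pins the release number captured by the `obj:4001` pattern (`...:(\d+)`, visible in the objects files on this page). The test that references it is commented as requiring branch 'c10f1' and the definition's `AffectedCPEs` list only `...:10`, so the platform gate looks broader than documented; depending on how the exporter renders an empty entity it might instead compare against an empty string and never match. I would give the state an explicit constraint in the same shape `EVR` uses below, e.g. `"Text": {"Text": "<release-pattern>", "Datatype": "string", "Operation": "pattern match"}` with the placeholder supplied by the generator. The result should then be confirmed with an OVAL interpreter on a c10f1 host and on a non-c10f1 host.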


@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202413685001",
"Version": "1",
"Check": "all",
"Comment": "bind is earlier than 0:9.18.30-alt0.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202413685001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202413685001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202413685002",
"Version": "1",
"Check": "all",
"Comment": "bind-devel is earlier than 0:9.18.30-alt0.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202413685002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202413685001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202413685003",
"Version": "1",
"Check": "all",
"Comment": "bind-utils is earlier than 0:9.18.30-alt0.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202413685003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202413685001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202413685004",
"Version": "1",
"Check": "all",
"Comment": "libbind is earlier than 0:9.18.30-alt0.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202413685004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202413685001"
}
}
]
}


@ -0,0 +1,298 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414136",
"Version": "oval:org.altlinux.errata:def:202414136",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14136: package `ghostscript` update to version 10.04.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14136",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14136",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-03466",
"RefURL": "https://bdu.fstec.ru/vul/2023-03466",
"Source": "BDU"
},
{
"RefID": "BDU:2023-06329",
"RefURL": "https://bdu.fstec.ru/vul/2023-06329",
"Source": "BDU"
},
{
"RefID": "BDU:2023-07662",
"RefURL": "https://bdu.fstec.ru/vul/2023-07662",
"Source": "BDU"
},
{
"RefID": "BDU:2024-00187",
"RefURL": "https://bdu.fstec.ru/vul/2024-00187",
"Source": "BDU"
},
{
"RefID": "BDU:2024-05557",
"RefURL": "https://bdu.fstec.ru/vul/2024-05557",
"Source": "BDU"
},
{
"RefID": "BDU:2024-05558",
"RefURL": "https://bdu.fstec.ru/vul/2024-05558",
"Source": "BDU"
},
{
"RefID": "BDU:2024-05559",
"RefURL": "https://bdu.fstec.ru/vul/2024-05559",
"Source": "BDU"
},
{
"RefID": "CVE-2023-36664",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-36664",
"Source": "CVE"
},
{
"RefID": "CVE-2023-38559",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-38559",
"Source": "CVE"
},
{
"RefID": "CVE-2023-43115",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-43115",
"Source": "CVE"
},
{
"RefID": "CVE-2023-46751",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-46751",
"Source": "CVE"
},
{
"RefID": "CVE-2024-29506",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-29506",
"Source": "CVE"
},
{
"RefID": "CVE-2024-29508",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-29508",
"Source": "CVE"
},
{
"RefID": "CVE-2024-29509",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-29509",
"Source": "CVE"
}
],
"Description": "This update upgrades ghostscript to version 10.04.0-alt1. \nSecurity Fix(es):\n\n * BDU:2023-03466: Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, существующая из-за непринятия мер по нейтрализации специальных элементов, используемых в команде операционной системы, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-06329: Уязвимость компонента gdevijs.c набора программного обеспечения обработки документов Ghostscript, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-07662: Уязвимость функции devn_pcx_write_rle() компонента base/gdevdevn.c набора программного обеспечения обработки документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-00187: Уязвимость функции gdev_prn_open_printer_seekable() интерпретатора набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-05557: Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, связанная с переполнением буфера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-05558: Уязвимость функции pdfi_apply_filter() набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю выполнить произвольный код, вызвать отказ в обслуживании или получить полный контроль над приложением\n\n * BDU:2024-05559: Уязвимость функции pdf_base_font_alloc() набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * CVE-2023-36664: Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).\n\n * CVE-2023-38559: A buffer overflow flaw was found in base/gdevdevn.c:1973 
in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.\n\n * CVE-2023-43115: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).\n\n * CVE-2023-46751: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.\n\n * CVE-2024-29506: Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.\n\n * CVE-2024-29508: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.\n\n * CVE-2024-29509: Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \\000 byte in the middle.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-29"
},
"Updated": {
"Date": "2024-10-29"
},
"BDUs": [
{
"ID": "BDU:2023-03466",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-78, CWE-275",
"Href": "https://bdu.fstec.ru/vul/2023-03466",
"Impact": "High",
"Public": "20230625"
},
{
"ID": "BDU:2023-06329",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-94",
"Href": "https://bdu.fstec.ru/vul/2023-06329",
"Impact": "Critical",
"Public": "20230918"
},
{
"ID": "BDU:2023-07662",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-120",
"Href": "https://bdu.fstec.ru/vul/2023-07662",
"Impact": "Low",
"Public": "20230720"
},
{
"ID": "BDU:2024-00187",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-00187",
"Impact": "High",
"Public": "20231101"
},
{
"ID": "BDU:2024-05557",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"CWE": "CWE-122",
"Href": "https://bdu.fstec.ru/vul/2024-05557",
"Impact": "Low",
"Public": "20240124"
},
{
"ID": "BDU:2024-05558",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-121",
"Href": "https://bdu.fstec.ru/vul/2024-05558",
"Impact": "High",
"Public": "20240124"
},
{
"ID": "BDU:2024-05559",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-122, CWE-465, CWE-468",
"Href": "https://bdu.fstec.ru/vul/2024-05559",
"Impact": "High",
"Public": "20240124"
}
],
"CVEs": [
{
"ID": "CVE-2023-36664",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-36664",
"Impact": "High",
"Public": "20230625"
},
{
"ID": "CVE-2023-38559",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-38559",
"Impact": "Low",
"Public": "20230801"
},
{
"ID": "CVE-2023-43115",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-43115",
"Impact": "High",
"Public": "20230918"
},
{
"ID": "CVE-2023-46751",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-46751",
"Impact": "High",
"Public": "20231206"
},
{
"ID": "CVE-2024-29506",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-29506",
"Impact": "High",
"Public": "20240703"
},
{
"ID": "CVE-2024-29508",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-29508",
"Impact": "Low",
"Public": "20240703"
},
{
"ID": "CVE-2024-29509",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-29509",
"Impact": "High",
"Public": "20240703"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414136001",
"Comment": "ghostscript is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136002",
"Comment": "ghostscript-classic is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136003",
"Comment": "ghostscript-common is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136004",
"Comment": "ghostscript-gtk is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136005",
"Comment": "ghostscript-module-X is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136006",
"Comment": "ghostscript-utils is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136007",
"Comment": "libgs is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136008",
"Comment": "libgs-devel is earlier than 0:10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136009",
"Comment": "libijs is earlier than 0:0.35_10.04.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414136010",
"Comment": "libijs-devel is earlier than 0:10.04.0-alt1"
}
]
}
]
}
}
]
}
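Review bot: `"Version"` on the definition repeats the definition ID (`oval:org.altlinux.errata:def:202414136`), whereas every object, state and test in this commit carries `"Version": "1"`. OVAL expects a non-negative integer there, so if this value is written unchanged into the XML `version` attribute, schema-validating scanners may reject the document, and consumers cannot tell a revised definition from the original. `"Version": "1"`, incremented whenever the definition content changes, would be consistent with the rest. The other definitions added in this commit follow the same pattern.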


@ -0,0 +1,88 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414136001",
"Version": "1",
"Comment": "ghostscript is installed",
"Name": "ghostscript"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136002",
"Version": "1",
"Comment": "ghostscript-classic is installed",
"Name": "ghostscript-classic"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136003",
"Version": "1",
"Comment": "ghostscript-common is installed",
"Name": "ghostscript-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136004",
"Version": "1",
"Comment": "ghostscript-gtk is installed",
"Name": "ghostscript-gtk"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136005",
"Version": "1",
"Comment": "ghostscript-module-X is installed",
"Name": "ghostscript-module-X"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136006",
"Version": "1",
"Comment": "ghostscript-utils is installed",
"Name": "ghostscript-utils"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136007",
"Version": "1",
"Comment": "libgs is installed",
"Name": "libgs"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136008",
"Version": "1",
"Comment": "libgs-devel is installed",
"Name": "libgs-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136009",
"Version": "1",
"Comment": "libijs is installed",
"Name": "libijs"
},
{
"ID": "oval:org.altlinux.errata:obj:202414136010",
"Version": "1",
"Comment": "libijs-devel is installed",
"Name": "libijs-devel"
}
]
}
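Review bot: `obj:4001` sets both `"Path": "/etc"` and `"Filepath": "os-release"`. In OVAL's textfilecontent54_object, `filepath` is a complete path and is an alternative to the `path` + `filename` pair. If these keys map one-to-one onto those entities, the object is not schema-valid, and a scanner may look for a relative `os-release` or fail to collect the object, leaving the platform gate unevaluated. Presumably the second key should be serialized as `filename`, or the object should carry a single `filepath` of `/etc/os-release`; this is worth confirming against the generated XML. The same object is repeated in the other objects files of this commit.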


@ -0,0 +1,35 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414136001",
"Version": "1",
"Comment": "package EVR is earlier than 0:10.04.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:10.04.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
},
{
"ID": "oval:org.altlinux.errata:ste:202414136002",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.35_10.04.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.35_10.04.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,138 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414136001",
"Version": "1",
"Check": "all",
"Comment": "ghostscript is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136002",
"Version": "1",
"Check": "all",
"Comment": "ghostscript-classic is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136003",
"Version": "1",
"Check": "all",
"Comment": "ghostscript-common is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136004",
"Version": "1",
"Check": "all",
"Comment": "ghostscript-gtk is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136005",
"Version": "1",
"Check": "all",
"Comment": "ghostscript-module-X is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136006",
"Version": "1",
"Check": "all",
"Comment": "ghostscript-utils is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136007",
"Version": "1",
"Check": "all",
"Comment": "libgs is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136008",
"Version": "1",
"Check": "all",
"Comment": "libgs-devel is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136009",
"Version": "1",
"Check": "all",
"Comment": "libijs is earlier than 0:0.35_10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136002"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414136010",
"Version": "1",
"Check": "all",
"Comment": "libijs-devel is earlier than 0:10.04.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414136010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414136001"
}
}
]
}
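Review bot: `tst:202414136010` (libijs-devel) points at `ste:202414136001`, i.e. EVR less than `0:10.04.0-alt1`, while `tst:202414136009` for libijs uses `ste:202414136002` with `0:0.35_10.04.0-alt1`. If libijs-devel is versioned like libijs (not visible here), a fully updated `0.35_10.04.0-alt1` package would still compare as earlier than `10.04.0`, and the definition would keep reporting the host as unpatched. In that case the test should use `"StateRef": "oval:org.altlinux.errata:ste:202414136002"` and the comment should read `libijs-devel is earlier than 0:0.35_10.04.0-alt1`. The matching criterion comment in the definition file would need the same change.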


@ -0,0 +1,121 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414487",
"Version": "oval:org.altlinux.errata:def:202414487",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14487: package `opensc` update to version 0.25.1-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14487",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14487",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03243",
"RefURL": "https://bdu.fstec.ru/vul/2024-03243",
"Source": "BDU"
},
{
"RefID": "CVE-2023-5992",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-5992",
"Source": "CVE"
},
{
"RefID": "CVE-2024-1454",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1454",
"Source": "CVE"
}
],
"Description": "This update upgrades opensc to version 0.25.1-alt1. \nSecurity Fix(es):\n\n * BDU:2024-03243: Уязвимость драйвера AuthentIC набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю позволить скомпрометировать операции по управлению картами\n\n * CVE-2023-5992: A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.\n\n * CVE-2024-1454: The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can allow for compromised card management operations during enrolment.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-24"
},
"Updated": {
"Date": "2024-10-24"
},
"BDUs": [
{
"ID": "BDU:2024-03243",
"CVSS": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-03243",
"Impact": "Low",
"Public": "20240212"
}
],
"CVEs": [
{
"ID": "CVE-2023-5992",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-5992",
"Impact": "Low",
"Public": "20240131"
},
{
"ID": "CVE-2024-1454",
"CVSS3": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1454",
"Impact": "Low",
"Public": "20240212"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414487001",
"Comment": "libopensc is earlier than 0:0.25.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414487002",
"Comment": "libopensc-devel is earlier than 0:0.25.1-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414487003",
"Comment": "opensc is earlier than 0:0.25.1-alt1"
}
]
}
]
}
}
]
}


@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414487001",
"Version": "1",
"Comment": "libopensc is installed",
"Name": "libopensc"
},
{
"ID": "oval:org.altlinux.errata:obj:202414487002",
"Version": "1",
"Comment": "libopensc-devel is installed",
"Name": "libopensc-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202414487003",
"Version": "1",
"Comment": "opensc is installed",
"Name": "opensc"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412456001",
"ID": "oval:org.altlinux.errata:ste:202414487001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.7-alt1",
"Comment": "package EVR is earlier than 0:0.25.1-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.20.7-alt1",
"Text": "0:0.25.1-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414487001",
"Version": "1",
"Check": "all",
"Comment": "libopensc is earlier than 0:0.25.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414487001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414487001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414487002",
"Version": "1",
"Check": "all",
"Comment": "libopensc-devel is earlier than 0:0.25.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414487002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414487001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414487003",
"Version": "1",
"Check": "all",
"Comment": "opensc is earlier than 0:0.25.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414487003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414487001"
}
}
]
}

File diff suppressed because one or more lines are too long


@ -0,0 +1,82 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414497001",
"Version": "1",
"Comment": "libpython3 is installed",
"Name": "libpython3"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497002",
"Version": "1",
"Comment": "python3 is installed",
"Name": "python3"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497003",
"Version": "1",
"Comment": "python3-base is installed",
"Name": "python3-base"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497004",
"Version": "1",
"Comment": "python3-dev is installed",
"Name": "python3-dev"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497005",
"Version": "1",
"Comment": "python3-modules-curses is installed",
"Name": "python3-modules-curses"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497006",
"Version": "1",
"Comment": "python3-modules-sqlite3 is installed",
"Name": "python3-modules-sqlite3"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497007",
"Version": "1",
"Comment": "python3-modules-tkinter is installed",
"Name": "python3-modules-tkinter"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497008",
"Version": "1",
"Comment": "python3-test is installed",
"Name": "python3-test"
},
{
"ID": "oval:org.altlinux.errata:obj:202414497009",
"Version": "1",
"Comment": "python3-tools is installed",
"Name": "python3-tools"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414497001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.9.20-alt0.c10f1.1",
"Arch": {},
"EVR": {
"Text": "0:3.9.20-alt0.c10f1.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,126 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414497001",
"Version": "1",
"Check": "all",
"Comment": "libpython3 is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497002",
"Version": "1",
"Check": "all",
"Comment": "python3 is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497003",
"Version": "1",
"Check": "all",
"Comment": "python3-base is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497004",
"Version": "1",
"Check": "all",
"Comment": "python3-dev is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497005",
"Version": "1",
"Check": "all",
"Comment": "python3-modules-curses is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497006",
"Version": "1",
"Check": "all",
"Comment": "python3-modules-sqlite3 is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497007",
"Version": "1",
"Check": "all",
"Comment": "python3-modules-tkinter is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497008",
"Version": "1",
"Check": "all",
"Comment": "python3-test is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414497009",
"Version": "1",
"Check": "all",
"Comment": "python3-tools is earlier than 0:3.9.20-alt0.c10f1.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414497009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414497001"
}
}
]
}


@ -0,0 +1,86 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414538",
"Version": "oval:org.altlinux.errata:def:202414538",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14538: package `python3-module-rencode` update to version 1.0.6-alt3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14538",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14538",
"Source": "ALTPU"
},
{
"RefID": "CVE-2021-40839",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-40839",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-rencode to version 1.0.6-alt3. \nSecurity Fix(es):\n\n * CVE-2021-40839: The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\\x2f\\x7f), enabling a remote attack that consumes CPU and memory.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-25"
},
"Updated": {
"Date": "2024-10-25"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2021-40839",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-40839",
"Impact": "High",
"Public": "20210910"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414538001",
"Comment": "python3-module-rencode is earlier than 0:1.0.6-alt3"
}
]
}
]
}
}
]
}


@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414538001",
"Version": "1",
"Comment": "python3-module-rencode is installed",
"Name": "python3-module-rencode"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20235061001",
"ID": "oval:org.altlinux.errata:ste:202414538001",
"Version": "1",
"Comment": "package EVR is earlier than 0:7.0.12-alt1",
"Comment": "package EVR is earlier than 0:1.0.6-alt3",
"Arch": {},
"EVR": {
"Text": "0:7.0.12-alt1",
"Text": "0:1.0.6-alt3",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414538001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-rencode is earlier than 0:1.0.6-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414538001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414538001"
}
}
]
}


@ -0,0 +1,111 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414552",
"Version": "oval:org.altlinux.errata:def:202414552",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14552: package `nano` update to version 8.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14552",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14552",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06879",
"RefURL": "https://bdu.fstec.ru/vul/2024-06879",
"Source": "BDU"
},
{
"RefID": "CVE-2024-5742",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5742",
"Source": "CVE"
}
],
"Description": "This update upgrades nano to version 8.0-alt1. \nSecurity Fix(es):\n\n * BDU:2024-06879: Уязвимость текстового редактора Nano, связанная с ошибками обработки временных файлов, позволяющая нарушителю оказать воздействие на целостность данных\n\n * CVE-2024-5742: A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.\n\n * #50609: Прошу обновить пакет nano до версии 8.0",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-24"
},
"Updated": {
"Date": "2024-10-24"
},
"BDUs": [
{
"ID": "BDU:2024-06879",
"CVSS": "AV:L/AC:H/Au:S/C:N/I:C/A:N",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-377",
"Href": "https://bdu.fstec.ru/vul/2024-06879",
"Impact": "Low",
"Public": "20240412"
}
],
"CVEs": [
{
"ID": "CVE-2024-5742",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5742",
"Impact": "Low",
"Public": "20240612"
}
],
"Bugzilla": [
{
"ID": "50609",
"Href": "https://bugzilla.altlinux.org/50609",
"Data": "Прошу обновить пакет nano до версии 8.0"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414552001",
"Comment": "nano is earlier than 0:8.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414552002",
"Comment": "nano-desktop is earlier than 0:8.0-alt1"
}
]
}
]
}
}
]
}
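Review bot: `"Version"` on the definition repeats the `"ID"` string (`oval:org.altlinux.errata:def:202414552`) instead of carrying a revision number. In OVAL a definition's version is a non-negative integer, and the objects, states and tests in this commit use `"Version": "1"`, so if this field is serialized into the `version` attribute a schema-validating scanner would presumably reject the definition. A numeric value such as `"Version": "1"`, incremented when the definition is reissued, would also let consumers detect updated content. The same pattern appears in the definitions for 202414578, 202414690, 202414692 and 202414700.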


@ -25,16 +25,16 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20235307001",
"ID": "oval:org.altlinux.errata:obj:202414552001",
"Version": "1",
"Comment": "realmd is installed",
"Name": "realmd"
"Comment": "nano is installed",
"Name": "nano"
},
{
"ID": "oval:org.altlinux.errata:obj:20235307002",
"ID": "oval:org.altlinux.errata:obj:202414552002",
"Version": "1",
"Comment": "realmd-devel-docs is installed",
"Name": "realmd-devel-docs"
"Comment": "nano-desktop is installed",
"Name": "nano-desktop"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20235561001",
"ID": "oval:org.altlinux.errata:ste:202414552001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3006.3-alt2",
"Comment": "package EVR is earlier than 0:8.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:3006.3-alt2",
"Text": "0:8.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -15,27 +15,27 @@
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20235307001",
"ID": "oval:org.altlinux.errata:tst:202414552001",
"Version": "1",
"Check": "all",
"Comment": "realmd is earlier than 0:0.17.1-alt5",
"Comment": "nano is earlier than 0:8.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235307001"
"ObjectRef": "oval:org.altlinux.errata:obj:202414552001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235307001"
"StateRef": "oval:org.altlinux.errata:ste:202414552001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20235307002",
"ID": "oval:org.altlinux.errata:tst:202414552002",
"Version": "1",
"Check": "all",
"Comment": "realmd-devel-docs is earlier than 0:0.17.1-alt5",
"Comment": "nano-desktop is earlier than 0:8.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20235307002"
"ObjectRef": "oval:org.altlinux.errata:obj:202414552002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20235307001"
"StateRef": "oval:org.altlinux.errata:ste:202414552001"
}
}
]


@ -0,0 +1,109 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414578",
"Version": "oval:org.altlinux.errata:def:202414578",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14578: package `openvpn-gostcrypto` update to version 2.4.9-alt4",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14578",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14578",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-02221",
"RefURL": "https://bdu.fstec.ru/vul/2021-02221",
"Source": "BDU"
},
{
"RefID": "CVE-2020-15078",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15078",
"Source": "CVE"
}
],
"Description": "This update upgrades openvpn-gostcrypto to version 2.4.9-alt4. \nSecurity Fix(es):\n\n * BDU:2021-02221: Уязвимость функции отложенной аутентификации deferred_auth программного обеспечения OpenVPN, позволяющая нарушителю вынудить сервер вернуть сообщение PUSH_REPLY c данными о настройках VPN до отправки сообщения AUTH_FAILED\n\n * CVE-2020-15078: OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-24"
},
"Updated": {
"Date": "2024-10-24"
},
"BDUs": [
{
"ID": "BDU:2021-02221",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-305",
"Href": "https://bdu.fstec.ru/vul/2021-02221",
"Impact": "Low",
"Public": "20210422"
}
],
"CVEs": [
{
"ID": "CVE-2020-15078",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-306",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15078",
"Impact": "High",
"Public": "20210426"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414578001",
"Comment": "openvpn-docs-gostcrypto is earlier than 0:2.4.9-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414578002",
"Comment": "openvpn-gostcrypto is earlier than 0:2.4.9-alt4"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414578003",
"Comment": "openvpn-plugins-gostcrypto is earlier than 0:2.4.9-alt4"
}
]
}
]
}
}
]
}
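Review bot: The `CVSS3` value in the `BDUs` entry, `AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N`, has no `CVSS:3.x/` prefix, while the `CVEs` entry right below it uses `CVSS:3.1/...`. A CVSS v3 vector string is defined to start with that prefix, so strict parsers will fail on the BDU form and lenient ones cannot tell 3.0 scoring from 3.1. Emitting it as `"CVSS3": "CVSS:<3.0 or 3.1, as scored by BDU>/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"` would make both lists parse the same way. The BDU entries in the nano, python3-module-bottle, gem-rexml and virtualbox definitions have the same form.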


@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414578001",
"Version": "1",
"Comment": "openvpn-docs-gostcrypto is installed",
"Name": "openvpn-docs-gostcrypto"
},
{
"ID": "oval:org.altlinux.errata:obj:202414578002",
"Version": "1",
"Comment": "openvpn-gostcrypto is installed",
"Name": "openvpn-gostcrypto"
},
{
"ID": "oval:org.altlinux.errata:obj:202414578003",
"Version": "1",
"Comment": "openvpn-plugins-gostcrypto is installed",
"Name": "openvpn-plugins-gostcrypto"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20249690001",
"ID": "oval:org.altlinux.errata:ste:202414578001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.23.2-alt3",
"Comment": "package EVR is earlier than 0:2.4.9-alt4",
"Arch": {},
"EVR": {
"Text": "0:3.23.2-alt3",
"Text": "0:2.4.9-alt4",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414578001",
"Version": "1",
"Check": "all",
"Comment": "openvpn-docs-gostcrypto is earlier than 0:2.4.9-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414578001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414578001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414578002",
"Version": "1",
"Check": "all",
"Comment": "openvpn-gostcrypto is earlier than 0:2.4.9-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414578002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414578001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414578003",
"Version": "1",
"Check": "all",
"Comment": "openvpn-plugins-gostcrypto is earlier than 0:2.4.9-alt4",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414578003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414578001"
}
}
]
}


@ -0,0 +1,101 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414690",
"Version": "oval:org.altlinux.errata:def:202414690",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14690: package `python3-module-bottle` update to version 0.12.25-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14690",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14690",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-04113",
"RefURL": "https://bdu.fstec.ru/vul/2024-04113",
"Source": "BDU"
},
{
"RefID": "CVE-2022-31799",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-31799",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-bottle to version 0.12.25-alt1. \nSecurity Fix(es):\n\n * BDU:2024-04113: Уязвимость микровеб-фреймворк WSGI для Python Bottle, связанная с неправильным обращением с исключительными условиями, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2022-31799: Bottle before 0.12.20 mishandles errors during early request binding.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-28"
},
"Updated": {
"Date": "2024-10-28"
},
"BDUs": [
{
"ID": "BDU:2024-04113",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-755",
"Href": "https://bdu.fstec.ru/vul/2024-04113",
"Impact": "Critical",
"Public": "20220602"
}
],
"CVEs": [
{
"ID": "CVE-2022-31799",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-755",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-31799",
"Impact": "Critical",
"Public": "20220602"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414690001",
"Comment": "python3-module-bottle is earlier than 1:0.12.25-alt1"
}
]
}
]
}
}
]
}


@ -1,7 +1,7 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
@ -15,7 +15,7 @@
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
@ -25,10 +25,10 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20235789001",
"ID": "oval:org.altlinux.errata:obj:202414690001",
"Version": "1",
"Comment": "zabbix-preinstall is installed",
"Name": "zabbix-preinstall"
"Comment": "python3-module-bottle is installed",
"Name": "python3-module-bottle"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20234519001",
"ID": "oval:org.altlinux.errata:ste:202414690001",
"Version": "1",
"Comment": "package EVR is earlier than 0:4.16.11-alt1",
"Comment": "package EVR is earlier than 1:0.12.25-alt1",
"Arch": {},
"EVR": {
"Text": "0:4.16.11-alt1",
"Text": "1:0.12.25-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414690001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-bottle is earlier than 1:0.12.25-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414690001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414690001"
}
}
]
}


@ -0,0 +1,108 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414692",
"Version": "oval:org.altlinux.errata:def:202414692",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14692: package `gem-rexml` update to version 3.3.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14692",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14692",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-07429",
"RefURL": "https://bdu.fstec.ru/vul/2024-07429",
"Source": "BDU"
},
{
"RefID": "CVE-2024-41123",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123",
"Source": "CVE"
}
],
"Description": "This update upgrades gem-rexml to version 3.3.2-alt1. \nSecurity Fix(es):\n\n * BDU:2024-07429: Уязвимость набора инструментов XML для Ruby REXML, связанная с неконтролируемым потреблением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-41123: REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, `\u003e]` and `]\u003e`. The REXML gem 3.3.3 or later include the patches to fix these vulnerabilities.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-25"
},
"Updated": {
"Date": "2024-10-25"
},
"BDUs": [
{
"ID": "BDU:2024-07429",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://bdu.fstec.ru/vul/2024-07429",
"Impact": "High",
"Public": "20240801"
}
],
"CVEs": [
{
"ID": "CVE-2024-41123",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41123",
"Impact": "High",
"Public": "20240801"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414692001",
"Comment": "gem-rexml is earlier than 0:3.3.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414692002",
"Comment": "gem-rexml-devel is earlier than 0:3.3.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414692003",
"Comment": "gem-rexml-doc is earlier than 0:3.3.2-alt1"
}
]
}
]
}
}
]
}
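Review bot: The criteria treat any gem-rexml build at or above `0:3.3.2-alt1` as fixed, but the CVE-2024-41123 text copied into `Description` names two different fixed versions: it says the gem "before 3.3.2" is vulnerable and also that "REXML gem 3.3.3 or later include the patches". If the second statement is the accurate one and 3.3.2-alt1 carries no backported patches, scanners using this definition will report a still-affected package as patched. This is worth confirming against the package changelog. If the patches are not in this build, `CVE-2024-41123` and `BDU:2024-07429` should be left out of `References`, `BDUs` and `CVEs` here until a build that contains them is published.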


@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414692001",
"Version": "1",
"Comment": "gem-rexml is installed",
"Name": "gem-rexml"
},
{
"ID": "oval:org.altlinux.errata:obj:202414692002",
"Version": "1",
"Comment": "gem-rexml-devel is installed",
"Name": "gem-rexml-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202414692003",
"Version": "1",
"Comment": "gem-rexml-doc is installed",
"Name": "gem-rexml-doc"
}
]
}


@ -8,12 +8,12 @@
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20235307001",
"ID": "oval:org.altlinux.errata:ste:202414692001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.17.1-alt5",
"Comment": "package EVR is earlier than 0:3.3.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.17.1-alt5",
"Text": "0:3.3.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414692001",
"Version": "1",
"Check": "all",
"Comment": "gem-rexml is earlier than 0:3.3.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414692001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414692001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414692002",
"Version": "1",
"Check": "all",
"Comment": "gem-rexml-devel is earlier than 0:3.3.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414692002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414692001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414692003",
"Version": "1",
"Check": "all",
"Comment": "gem-rexml-doc is earlier than 0:3.3.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414692003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414692001"
}
}
]
}

File diff suppressed because one or more lines are too long


@ -25,22 +25,22 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20235061001",
"ID": "oval:org.altlinux.errata:obj:202414696001",
"Version": "1",
"Comment": "redis is installed",
"Name": "redis"
"Comment": "node is installed",
"Name": "node"
},
{
"ID": "oval:org.altlinux.errata:obj:20235061002",
"ID": "oval:org.altlinux.errata:obj:202414696002",
"Version": "1",
"Comment": "redis-cli is installed",
"Name": "redis-cli"
"Comment": "node-devel is installed",
"Name": "node-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20235061003",
"ID": "oval:org.altlinux.errata:obj:202414696003",
"Version": "1",
"Comment": "redis-devel is installed",
"Name": "redis-devel"
"Comment": "node-doc is installed",
"Name": "node-doc"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414696001",
"Version": "1",
"Comment": "package EVR is earlier than 0:16.20.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:16.20.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
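Review bot: The `TextFileContent54State` for `ste:4001` is empty (`"Text": {}`), so as serialized here nothing compares the release number that the `os-release` object captures with `(\d+)`. The test that references this state is commented "ALT Linux based on branch 'c10f1' must be installed", but with an unconstrained state it would seemingly pass on any ALT SP release whose `os-release` matches the pattern, and the package checks would then be evaluated against another branch's versions. Constraining the captured group, for example `"Subexpression": {"Text": "10", "Datatype": "int", "Operation": "equals"}`, would tie the test to the branch; the shape is modelled on the `EVR` entry below and the value on the `cpe:/o:alt:spserver:10` CPEs in the definitions, so it needs checking against the generator's schema. The states file for 202414700 further down has the same empty state.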


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414696001",
"Version": "1",
"Check": "all",
"Comment": "node is earlier than 0:16.20.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414696001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414696001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414696002",
"Version": "1",
"Check": "all",
"Comment": "node-devel is earlier than 0:16.20.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414696002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414696001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414696003",
"Version": "1",
"Check": "all",
"Comment": "node-doc is earlier than 0:16.20.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414696003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414696001"
}
}
]
}


@ -0,0 +1,227 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414700",
"Version": "oval:org.altlinux.errata:def:202414700",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14700: package `virtualbox` update to version 7.0.20-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14700",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14700",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06577",
"RefURL": "https://bdu.fstec.ru/vul/2024-06577",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06650",
"RefURL": "https://bdu.fstec.ru/vul/2024-06650",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06651",
"RefURL": "https://bdu.fstec.ru/vul/2024-06651",
"Source": "BDU"
},
{
"RefID": "CVE-2024-21141",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21161",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21164",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Source": "CVE"
}
],
"Description": "This update upgrades virtualbox to version 7.0.20-alt1. \nSecurity Fix(es):\n\n * BDU:2024-06577: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных и вызвать отказ в обслуживании\n\n * BDU:2024-06650: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2024-06651: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-21141: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2024-21161: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. 
CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n * CVE-2024-21164: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).\n\n * #44367: VirtualBox: Отсутствуют файлы справки /usr/share/doc/virtualbox-doc-\u003cверсия\u003e/UserManual.qhc\n\n * #45732: Не указано требование к версии yasm\n\n * #48893: FTBFS",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-28"
},
"Updated": {
"Date": "2024-10-28"
},
"BDUs": [
{
"ID": "BDU:2024-06577",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2024-06577",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "BDU:2024-06650",
"CVSS": "AV:L/AC:H/Au:M/C:P/I:N/A:N",
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2024-06650",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "BDU:2024-06651",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-404",
"Href": "https://bdu.fstec.ru/vul/2024-06651",
"Impact": "Low",
"Public": "20240716"
}
],
"CVEs": [
{
"ID": "CVE-2024-21141",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "CVE-2024-21161",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "CVE-2024-21164",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Impact": "Low",
"Public": "20240716"
}
],
"Bugzilla": [
{
"ID": "44367",
"Href": "https://bugzilla.altlinux.org/44367",
"Data": "VirtualBox: Отсутствуют файлы справки /usr/share/doc/virtualbox-doc-\u003cверсия\u003e/UserManual.qhc"
},
{
"ID": "45732",
"Href": "https://bugzilla.altlinux.org/45732",
"Data": "Не указано требование к версии yasm"
},
{
"ID": "48893",
"Href": "https://bugzilla.altlinux.org/48893",
"Data": "FTBFS"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414700001",
"Comment": "kernel-source-vboxdrv is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700002",
"Comment": "kernel-source-vboxguest is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700003",
"Comment": "kernel-source-vboxnetadp is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700004",
"Comment": "kernel-source-vboxnetflt is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700005",
"Comment": "kernel-source-vboxsf is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700006",
"Comment": "kernel-source-vboxvideo is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700007",
"Comment": "virtualbox is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700008",
"Comment": "virtualbox-common is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700009",
"Comment": "virtualbox-doc is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700010",
"Comment": "virtualbox-guest-additions is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700011",
"Comment": "virtualbox-guest-common is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700012",
"Comment": "virtualbox-guest-utils is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700013",
"Comment": "virtualbox-sdk is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700014",
"Comment": "virtualbox-sdk-xpcom is earlier than 0:7.0.20-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414700015",
"Comment": "virtualbox-webservice is earlier than 0:7.0.20-alt1"
}
]
}
]
}
}
]
}
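Review bot: `"Impact": "Low"` on CVE-2024-21161 does not match the score quoted in this definition's own `Description`, "CVSS 3.1 Base Score 5.5", which the CVSS 3.1 qualitative scale rates Medium. `BDU:2024-06651` carries the same vector and the same label. If the feed's scale intentionally has no medium band, that should be documented for consumers. Otherwise anything that triages on `Impact` or `Severity` will rank these entries below where the vector puts them, and the entry would read `"Impact": "Medium"`.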


@ -0,0 +1,118 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414700001",
"Version": "1",
"Comment": "kernel-source-vboxdrv is installed",
"Name": "kernel-source-vboxdrv"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700002",
"Version": "1",
"Comment": "kernel-source-vboxguest is installed",
"Name": "kernel-source-vboxguest"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700003",
"Version": "1",
"Comment": "kernel-source-vboxnetadp is installed",
"Name": "kernel-source-vboxnetadp"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700004",
"Version": "1",
"Comment": "kernel-source-vboxnetflt is installed",
"Name": "kernel-source-vboxnetflt"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700005",
"Version": "1",
"Comment": "kernel-source-vboxsf is installed",
"Name": "kernel-source-vboxsf"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700006",
"Version": "1",
"Comment": "kernel-source-vboxvideo is installed",
"Name": "kernel-source-vboxvideo"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700007",
"Version": "1",
"Comment": "virtualbox is installed",
"Name": "virtualbox"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700008",
"Version": "1",
"Comment": "virtualbox-common is installed",
"Name": "virtualbox-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700009",
"Version": "1",
"Comment": "virtualbox-doc is installed",
"Name": "virtualbox-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700010",
"Version": "1",
"Comment": "virtualbox-guest-additions is installed",
"Name": "virtualbox-guest-additions"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700011",
"Version": "1",
"Comment": "virtualbox-guest-common is installed",
"Name": "virtualbox-guest-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700012",
"Version": "1",
"Comment": "virtualbox-guest-utils is installed",
"Name": "virtualbox-guest-utils"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700013",
"Version": "1",
"Comment": "virtualbox-sdk is installed",
"Name": "virtualbox-sdk"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700014",
"Version": "1",
"Comment": "virtualbox-sdk-xpcom is installed",
"Name": "virtualbox-sdk-xpcom"
},
{
"ID": "oval:org.altlinux.errata:obj:202414700015",
"Version": "1",
"Comment": "virtualbox-webservice is installed",
"Name": "virtualbox-webservice"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414700001",
"Version": "1",
"Comment": "package EVR is earlier than 0:7.0.20-alt1",
"Arch": {},
"EVR": {
"Text": "0:7.0.20-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,198 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414700001",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxdrv is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700002",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxguest is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700003",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxnetadp is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700004",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxnetflt is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700005",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxsf is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700006",
"Version": "1",
"Check": "all",
"Comment": "kernel-source-vboxvideo is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700007",
"Version": "1",
"Check": "all",
"Comment": "virtualbox is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700008",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-common is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700009",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-doc is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700010",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-guest-additions is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700011",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-guest-common is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700012",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-guest-utils is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700013",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-sdk is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700014",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-sdk-xpcom is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414700015",
"Version": "1",
"Check": "all",
"Comment": "virtualbox-webservice is earlier than 0:7.0.20-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414700015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414700001"
}
}
]
}


@ -0,0 +1,154 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414702",
"Version": "oval:org.altlinux.errata:def:202414702",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14702: package `kernel-modules-virtualbox-un-def` update to version 7.0.20-alt1.393584.0.c10f.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14702",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14702",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06577",
"RefURL": "https://bdu.fstec.ru/vul/2024-06577",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06650",
"RefURL": "https://bdu.fstec.ru/vul/2024-06650",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06651",
"RefURL": "https://bdu.fstec.ru/vul/2024-06651",
"Source": "BDU"
},
{
"RefID": "CVE-2024-21141",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21161",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21164",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-modules-virtualbox-un-def to version 7.0.20-alt1.393584.0.c10f.1. \nSecurity Fix(es):\n\n * BDU:2024-06577: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных и вызвать отказ в обслуживании\n\n * BDU:2024-06650: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2024-06651: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-21141: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2024-21161: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. 
Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n * CVE-2024-21164: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-28"
},
"Updated": {
"Date": "2024-10-28"
},
"BDUs": [
{
"ID": "BDU:2024-06577",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2024-06577",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "BDU:2024-06650",
"CVSS": "AV:L/AC:H/Au:M/C:P/I:N/A:N",
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2024-06650",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "BDU:2024-06651",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-404",
"Href": "https://bdu.fstec.ru/vul/2024-06651",
"Impact": "Low",
"Public": "20240716"
}
],
"CVEs": [
{
"ID": "CVE-2024-21141",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "CVE-2024-21161",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "CVE-2024-21164",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Impact": "Low",
"Public": "20240716"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414702001",
"Comment": "kernel-modules-virtualbox-un-def is earlier than 0:7.0.20-alt1.393584.0.c10f.1"
}
]
}
]
}
}
]
}
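Review bot: `"Impact": "Low"` on CVE-2024-21161 and BDU:2024-06651 disagrees with the score quoted in the same record. The Description gives CVSS 3.1 Base Score 5.5 for `AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H`, which is Medium on the CVSS v3.1 qualitative scale. If Impact deliberately follows a coarser Low/High/Critical scheme, that mapping should be documented next to the field; otherwise anyone triaging by Impact will rank a complete host-side denial of service alongside the 2.5-score information leak. The three BDU `CVSS3` values also omit the `CVSS:3.x/` prefix that the CVE entries carry, so a parser cannot tell which v3 revision they use. The def:202414703 section later in this commit has the same values.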


@ -25,16 +25,10 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411074001",
"ID": "oval:org.altlinux.errata:obj:202414702001",
"Version": "1",
"Comment": "python-module-six is installed",
"Name": "python-module-six"
},
{
"ID": "oval:org.altlinux.errata:obj:202411074002",
"Version": "1",
"Comment": "python3-module-six is installed",
"Name": "python3-module-six"
"Comment": "kernel-modules-virtualbox-un-def is installed",
"Name": "kernel-modules-virtualbox-un-def"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414702001",
"Version": "1",
"Comment": "package EVR is earlier than 0:7.0.20-alt1.393584.0.c10f.1",
"Arch": {},
"EVR": {
"Text": "0:7.0.20-alt1.393584.0.c10f.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414702001",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-virtualbox-un-def is earlier than 0:7.0.20-alt1.393584.0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414702001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414702001"
}
}
]
}


@ -0,0 +1,154 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414703",
"Version": "oval:org.altlinux.errata:def:202414703",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14703: package `kernel-modules-virtualbox-addition-un-def` update to version 7.0.20-alt1.393584.0.c10f.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14703",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14703",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06577",
"RefURL": "https://bdu.fstec.ru/vul/2024-06577",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06650",
"RefURL": "https://bdu.fstec.ru/vul/2024-06650",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06651",
"RefURL": "https://bdu.fstec.ru/vul/2024-06651",
"Source": "BDU"
},
{
"RefID": "CVE-2024-21141",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21161",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Source": "CVE"
},
{
"RefID": "CVE-2024-21164",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-modules-virtualbox-addition-un-def to version 7.0.20-alt1.393584.0.c10f.1. \nSecurity Fix(es):\n\n * BDU:2024-06577: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных и вызвать отказ в обслуживании\n\n * BDU:2024-06650: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2024-06651: Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-21141: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).\n\n * CVE-2024-21161: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. 
Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n * CVE-2024-21164: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-10-28"
},
"Updated": {
"Date": "2024-10-28"
},
"BDUs": [
{
"ID": "BDU:2024-06577",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2024-06577",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "BDU:2024-06650",
"CVSS": "AV:L/AC:H/Au:M/C:P/I:N/A:N",
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2024-06650",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "BDU:2024-06651",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-404",
"Href": "https://bdu.fstec.ru/vul/2024-06651",
"Impact": "Low",
"Public": "20240716"
}
],
"CVEs": [
{
"ID": "CVE-2024-21141",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21141",
"Impact": "High",
"Public": "20240716"
},
{
"ID": "CVE-2024-21161",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21161",
"Impact": "Low",
"Public": "20240716"
},
{
"ID": "CVE-2024-21164",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21164",
"Impact": "Low",
"Public": "20240716"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414703001",
"Comment": "kernel-modules-virtualbox-addition-un-def is earlier than 0:7.0.20-alt1.393584.0.c10f.1"
}
]
}
]
}
}
]
}
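Review bot: The definition's `"Version"` repeats the ID string (`oval:org.altlinux.errata:def:202414703`) instead of carrying a revision number, whereas every object, state and test on this page uses `"Version": "1"`. OVAL defines a definition's version as a non-negative integer that is incremented when the definition changes. If this field is serialised into the `version` attribute, schema-validating consumers may reject it, and no consumer can tell a reissued definition from the original. `"Version": "1"`, bumped whenever the erratum is updated, would match the other entities. def:202414702 earlier in this commit uses the same form.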


@ -25,16 +25,10 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411773001",
"ID": "oval:org.altlinux.errata:obj:202414703001",
"Version": "1",
"Comment": "openstack-cinder is installed",
"Name": "openstack-cinder"
},
{
"ID": "oval:org.altlinux.errata:obj:202411773002",
"Version": "1",
"Comment": "python3-module-cinder is installed",
"Name": "python3-module-cinder"
"Comment": "kernel-modules-virtualbox-addition-un-def is installed",
"Name": "kernel-modules-virtualbox-addition-un-def"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414703001",
"Version": "1",
"Comment": "package EVR is earlier than 0:7.0.20-alt1.393584.0.c10f.1",
"Arch": {},
"EVR": {
"Text": "0:7.0.20-alt1.393584.0.c10f.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414703001",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-virtualbox-addition-un-def is earlier than 0:7.0.20-alt1.393584.0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414703001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414703001"
}
}
]
}

File diff suppressed because one or more lines are too long


@ -1,7 +1,7 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
@ -15,7 +15,7 @@
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
@ -25,31 +25,31 @@
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20237328001",
"ID": "oval:org.altlinux.errata:obj:202414706001",
"Version": "1",
"Comment": "MySQL-client is installed",
"Name": "MySQL-client"
},
{
"ID": "oval:org.altlinux.errata:obj:20237328002",
"ID": "oval:org.altlinux.errata:obj:202414706002",
"Version": "1",
"Comment": "MySQL-server is installed",
"Name": "MySQL-server"
},
{
"ID": "oval:org.altlinux.errata:obj:20237328003",
"ID": "oval:org.altlinux.errata:obj:202414706003",
"Version": "1",
"Comment": "MySQL-server-perl is installed",
"Name": "MySQL-server-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:20237328004",
"ID": "oval:org.altlinux.errata:obj:202414706004",
"Version": "1",
"Comment": "libmysqlclient21 is installed",
"Name": "libmysqlclient21"
},
{
"ID": "oval:org.altlinux.errata:obj:20237328005",
"ID": "oval:org.altlinux.errata:obj:202414706005",
"Version": "1",
"Comment": "libmysqlclient21-devel is installed",
"Name": "libmysqlclient21-devel"
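Review bot: The new pattern `cpe:\\/o:alt:sp(?:server|workstation):(\\d+)` captures the release number, but nothing on this page compares that capture with a value. `ste:4001` in the accompanying states files is written as `"Text": {}`, while `tst:4001` is commented as requiring branch 'c10f1' and the definitions list only `cpe:/o:alt:spworkstation:10` and `cpe:/o:alt:spserver:10`. As written, the platform criterion presumably passes on any ALT SP release, so a scanner could evaluate these errata on a branch they were not issued for. If release 10 is the intent, pin it in the pattern, e.g. `"Text": "cpe:\\/o:alt:sp(?:server|workstation):10(?!\\d)"`, or give `ste:4001` a value to compare the capture with. The object's remaining fields lie between the hunks and are not shown here.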


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414706001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.0.40-alt1",
"Arch": {},
"EVR": {
"Text": "0:8.0.40-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,78 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414706001",
"Version": "1",
"Check": "all",
"Comment": "MySQL-client is earlier than 0:8.0.40-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414706001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414706001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414706002",
"Version": "1",
"Check": "all",
"Comment": "MySQL-server is earlier than 0:8.0.40-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414706002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414706001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414706003",
"Version": "1",
"Check": "all",
"Comment": "MySQL-server-perl is earlier than 0:8.0.40-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414706003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414706001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414706004",
"Version": "1",
"Check": "all",
"Comment": "libmysqlclient21 is earlier than 0:8.0.40-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414706004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414706001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414706005",
"Version": "1",
"Check": "all",
"Comment": "libmysqlclient21-devel is earlier than 0:8.0.40-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414706005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414706001"
}
}
]
}


@ -1,109 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20249690",
"Version": "oval:org.altlinux.errata:def:20249690",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-9690: package `cmake` update to version 3.23.2-alt3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-9690",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-9690",
"Source": "ALTPU"
}
],
"Description": "This update upgrades cmake to version 3.23.2-alt3. \nSecurity Fix(es):\n\n * #45833: добавить макрос для ctest",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-07-07"
},
"Updated": {
"Date": "2024-07-07"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "45833",
"Href": "https://bugzilla.altlinux.org/45833",
"Data": "добавить макрос для ctest"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20249690001",
"Comment": "bash-completion-cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690002",
"Comment": "ccmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690003",
"Comment": "cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690004",
"Comment": "cmake-doc is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690005",
"Comment": "cmake-gui is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690006",
"Comment": "cmake-modules is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690007",
"Comment": "ctest is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690008",
"Comment": "rpm-macros-cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20249690009",
"Comment": "vim-plugin-cmake is earlier than 0:3.23.2-alt3"
}
]
}
]
}
}
]
}


@ -1,82 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20249690001",
"Version": "1",
"Comment": "bash-completion-cmake is installed",
"Name": "bash-completion-cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690002",
"Version": "1",
"Comment": "ccmake is installed",
"Name": "ccmake"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690003",
"Version": "1",
"Comment": "cmake is installed",
"Name": "cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690004",
"Version": "1",
"Comment": "cmake-doc is installed",
"Name": "cmake-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690005",
"Version": "1",
"Comment": "cmake-gui is installed",
"Name": "cmake-gui"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690006",
"Version": "1",
"Comment": "cmake-modules is installed",
"Name": "cmake-modules"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690007",
"Version": "1",
"Comment": "ctest is installed",
"Name": "ctest"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690008",
"Version": "1",
"Comment": "rpm-macros-cmake is installed",
"Name": "rpm-macros-cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:20249690009",
"Version": "1",
"Comment": "vim-plugin-cmake is installed",
"Name": "vim-plugin-cmake"
}
]
}


@ -1,126 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20249690001",
"Version": "1",
"Check": "all",
"Comment": "bash-completion-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690002",
"Version": "1",
"Check": "all",
"Comment": "ccmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690003",
"Version": "1",
"Check": "all",
"Comment": "cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690004",
"Version": "1",
"Check": "all",
"Comment": "cmake-doc is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690005",
"Version": "1",
"Check": "all",
"Comment": "cmake-gui is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690006",
"Version": "1",
"Check": "all",
"Comment": "cmake-modules is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690007",
"Version": "1",
"Check": "all",
"Comment": "ctest is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690008",
"Version": "1",
"Check": "all",
"Comment": "rpm-macros-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20249690009",
"Version": "1",
"Check": "all",
"Comment": "vim-plugin-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20249690009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20249690001"
}
}
]
}


@ -85,10 +85,10 @@
{
"ID": "CVE-2018-1000021",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000021",
"Impact": "High",
"Impact": "Low",
"Public": "20180209"
},
{


@ -53,7 +53,7 @@
"Description": "This update upgrades systemd to version 243.7-alt1. \nSecurity Fix(es):\n\n * BDU:2020-02039: Уязвимость системы инициализации Linux systemd, связанная с обращением к памяти после ее освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-05729: Уязвимость подсистемы инициализации и управления службами в Linux systemd, связанная с неосвобождением ресурса после истечения действительного срока его эксплуатации, позволяющая нарушителю вызвать отказ в обслуживаниии\n\n * CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.\n\n * CVE-2019-20386: An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.\n\n * CVE-2020-1712: A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.\n\n * #37200: Ругается при загрузке на отсутствие группы vmusers\n\n * #37352: Конфликт с systemd-utils",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-02-20"
@ -85,10 +85,10 @@
{
"ID": "CVE-2018-20839",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-200",
"CVSS3": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-20839",
"Impact": "Critical",
"Impact": "Low",
"Public": "20190517"
},
{
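Review bot: After this change the two vectors for CVE-2018-20839 disagree on reachability: the unchanged `"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N"` still says network, while the new CVSS3 line says `AV:P` with `UI:R`. A consumer that falls back to the v2 field would keep treating the issue as remotely reachable. The v2 value presumably comes unchanged from the upstream record, so the practical remedy is a documented rule that consumers prefer `CVSS3` when both fields are present. Separately, the advisory-level `Severity` in the first hunk drops only to High, presumably because of a CVE entry outside the visible hunks. It is worth confirming that this value is recomputed from the per-CVE `Impact` values rather than set by hand.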



@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20234248001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.5.26-alt0.c9.1",
"Arch": {},
"EVR": {
"Text": "0:8.5.26-alt0.c9.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,30 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20234248001",
"Version": "1",
"Check": "all",
"Comment": "grafana is earlier than 0:8.5.26-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234248001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234248001"
}
}
]
}



@ -1,70 +0,0 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20234566001",
"Version": "1",
"Comment": "golang is installed",
"Name": "golang"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566002",
"Version": "1",
"Comment": "golang-docs is installed",
"Name": "golang-docs"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566003",
"Version": "1",
"Comment": "golang-gdb is installed",
"Name": "golang-gdb"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566004",
"Version": "1",
"Comment": "golang-misc is installed",
"Name": "golang-misc"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566005",
"Version": "1",
"Comment": "golang-shared is installed",
"Name": "golang-shared"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566006",
"Version": "1",
"Comment": "golang-src is installed",
"Name": "golang-src"
},
{
"ID": "oval:org.altlinux.errata:obj:20234566007",
"Version": "1",
"Comment": "golang-tests is installed",
"Name": "golang-tests"
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20234566001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.19.11-alt0.c9.1",
"Arch": {},
"EVR": {
"Text": "0:1.19.11-alt0.c9.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -1,102 +0,0 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20234566001",
"Version": "1",
"Check": "all",
"Comment": "golang is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566002",
"Version": "1",
"Check": "all",
"Comment": "golang-docs is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566003",
"Version": "1",
"Check": "all",
"Comment": "golang-gdb is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566004",
"Version": "1",
"Check": "all",
"Comment": "golang-misc is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566005",
"Version": "1",
"Check": "all",
"Comment": "golang-shared is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566006",
"Version": "1",
"Check": "all",
"Comment": "golang-src is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20234566007",
"Version": "1",
"Check": "all",
"Comment": "golang-tests is earlier than 0:1.19.11-alt0.c9.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20234566007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20234566001"
}
}
]
}


@ -1,125 +0,0 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20235560",
"Version": "oval:org.altlinux.errata:def:20235560",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-5560: package `salt` update to version 3005.2-alt0.c9.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-5560",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-5560",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-05935",
"RefURL": "https://bdu.fstec.ru/vul/2023-05935",
"Source": "BDU"
},
{
"RefID": "CVE-2023-20897",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-20897",
"Source": "CVE"
},
{
"RefID": "CVE-2023-20898",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-20898",
"Source": "CVE"
}
],
"Description": "This update upgrades salt to version 3005.2-alt0.c9.1. \nSecurity Fix(es):\n\n * BDU:2023-05935: Уязвимость системы управления конфигурациями и удалённого выполнения операций SaltStack Salt, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * CVE-2023-20897: Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.\n\n\n * CVE-2023-20898: Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.\n",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2023-09-25"
},
"Updated": {
"Date": "2023-09-25"
},
"BDUs": [
{
"ID": "BDU:2023-05935",
"CVSS": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2023-05935",
"Impact": "High",
"Public": "20230810"
}
],
"CVEs": [
{
"ID": "CVE-2023-20897",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-404",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-20897",
"Impact": "Low",
"Public": "20230905"
},
{
"ID": "CVE-2023-20898",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-20898",
"Impact": "High",
"Public": "20230905"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20235560001",
"Comment": "python3-module-salt is earlier than 0:3005.2-alt0.c9.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235560002",
"Comment": "salt-api is earlier than 0:3005.2-alt0.c9.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235560003",
"Comment": "salt-master is earlier than 0:3005.2-alt0.c9.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20235560004",
"Comment": "salt-minion is earlier than 0:3005.2-alt0.c9.1"
}
]
}
]
}
}
]
}


@ -1,23 +0,0 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20235560001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3005.2-alt0.c9.1",
"Arch": {},
"EVR": {
"Text": "0:3005.2-alt0.c9.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
