pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-04-23 15:02:03 +00:00
parent e35195aca2
commit 4b4578c49b
20 changed files with 1129 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
oval/c10f1/ALT-PU-2024-6668/definitions.json Normal file
View File

@ -0,0 +1,136 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20246668",
"Version": "oval:org.altlinux.errata:def:20246668",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-6668: package `kernel-image-un-def` update to version 6.1.85-alt0.c10f.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-6668",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6668",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-01673",
"RefURL": "https://bdu.fstec.ru/vul/2024-01673",
"Source": "BDU"
},
{
"RefID": "CVE-2023-52434",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-un-def to version 6.1.85-alt0.c10f.1. \nSecurity Fix(es):\n\n * BDU:2024-01673: Уязвимость функции smb2_parse_contexts() в модуле fs/smb/client/smb2pdu.c клиента SMB ядра операционной системы Linux , позволяющая нарушителю получить доступ к защищаемой информации или вызвать отказ в обслуживании\n\n * CVE-2023-52434: In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential OOBs in smb2_parse_contexts()\n\nValidate offsets and lengths before dereferencing create contexts in\nsmb2_parse_contexts().\n\nThis fixes following oops when accessing invalid create contexts from\nserver:\n\n BUG: unable to handle page fault for address: ffff8881178d8cc3\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 4a01067 P4D 4a01067 PUD 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs]\n Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00\n 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 \u003c0f\u003e b7\n 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00\n RSP: 0018:ffffc900007939e0 EFLAGS: 00010216\n RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: ffffc90000793c90\n RDX: ffffc90000793cc0 RSI: ffff8880178d8cc0 RDI: ffff8880180cc000\n RBP: ffff8881178d8cbf R08: ffffc90000793c22 R09: 0000000000000000\n R10: ffff8880180cc000 R11: 0000000000000024 R12: 0000000000000000\n R13: 0000000000000020 R14: 0000000000000000 R15: ffffc90000793c22\n FS: 00007f873753cbc0(0000) GS:ffff88806bc00000(0000)\n knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff8881178d8cc3 CR3: 00000000181ca000 CR4: 0000000000750ef0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x181/0x480\n ? search_module_extables+0x19/0x60\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? exc_page_fault+0x1b6/0x1c0\n ? asm_exc_page_fault+0x26/0x30\n ? smb2_parse_contexts+0xa0/0x3a0 [cifs]\n SMB2_open+0x38d/0x5f0 [cifs]\n ? smb2_is_path_accessible+0x138/0x260 [cifs]\n smb2_is_path_accessible+0x138/0x260 [cifs]\n cifs_is_path_remote+0x8d/0x230 [cifs]\n cifs_mount+0x7e/0x350 [cifs]\n cifs_smb3_do_mount+0x128/0x780 [cifs]\n smb3_get_tree+0xd9/0x290 [cifs]\n vfs_get_tree+0x2c/0x100\n ? capable+0x37/0x70\n path_mount+0x2d7/0xb80\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? _raw_spin_unlock_irqrestore+0x44/0x60\n __x64_sys_mount+0x11a/0x150\n do_syscall_64+0x47/0xf0\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n RIP: 0033:0x7f8737657b1e",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-23"
},
"Updated": {
"Date": "2024-04-23"
},
"BDUs": [
{
"ID": "BDU:2024-01673",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2024-01673",
"Impact": "Low",
"Public": "20231211"
}
],
"CVEs": [
{
"ID": "CVE-2023-52434",
"CVSS3": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-52434",
"Impact": "High",
"Public": "20240220"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20246668001",
"Comment": "kernel-doc-un is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668002",
"Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668003",
"Comment": "kernel-headers-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668004",
"Comment": "kernel-image-domU-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668005",
"Comment": "kernel-image-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668006",
"Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668007",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668008",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668009",
"Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.85-alt0.c10f.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20246668010",
"Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.85-alt0.c10f.1"
}
]
}
]
}
}
]
}

88
oval/c10f1/ALT-PU-2024-6668/objects.json Normal file
View File

@ -0,0 +1,88 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20246668001",
"Version": "1",
"Comment": "kernel-doc-un is installed",
"Name": "kernel-doc-un"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668002",
"Version": "1",
"Comment": "kernel-headers-modules-un-def is installed",
"Name": "kernel-headers-modules-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668003",
"Version": "1",
"Comment": "kernel-headers-un-def is installed",
"Name": "kernel-headers-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668004",
"Version": "1",
"Comment": "kernel-image-domU-un-def is installed",
"Name": "kernel-image-domU-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668005",
"Version": "1",
"Comment": "kernel-image-un-def is installed",
"Name": "kernel-image-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668006",
"Version": "1",
"Comment": "kernel-image-un-def-checkinstall is installed",
"Name": "kernel-image-un-def-checkinstall"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668007",
"Version": "1",
"Comment": "kernel-modules-drm-ancient-un-def is installed",
"Name": "kernel-modules-drm-ancient-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668008",
"Version": "1",
"Comment": "kernel-modules-drm-nouveau-un-def is installed",
"Name": "kernel-modules-drm-nouveau-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668009",
"Version": "1",
"Comment": "kernel-modules-drm-un-def is installed",
"Name": "kernel-modules-drm-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:20246668010",
"Version": "1",
"Comment": "kernel-modules-staging-un-def is installed",
"Name": "kernel-modules-staging-un-def"
}
]
}

23
oval/c10f1/ALT-PU-2024-6668/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20246668001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.1.85-alt0.c10f.1",
"Arch": {},
"EVR": {
"Text": "1:6.1.85-alt0.c10f.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

138
oval/c10f1/ALT-PU-2024-6668/tests.json Normal file
View File

@ -0,0 +1,138 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20246668001",
"Version": "1",
"Check": "all",
"Comment": "kernel-doc-un is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668002",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668003",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668004",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-domU-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668005",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668006",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668007",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668008",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668009",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20246668010",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.85-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246668010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246668001"
}
}
]
}

40
oval/c10f1/ALT-PU-2024-6898/definitions.json
View File

@ -55,7 +55,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: description unavailable\n\n * CVE-2024-32040: description unavailable\n\n * CVE-2024-32041: description unavailable\n\n * CVE-2024-32458: description unavailable\n\n * CVE-2024-32459: description unavailable\n\n * CVE-2024-32460: description unavailable",
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\n\n * CVE-2024-32040: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).\n\n * CVE-2024-32041: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.\n\n * CVE-2024-32458: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).\n\n * CVE-2024-32459: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.\n\n * CVE-2024-32460: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
@ -67,6 +67,44 @@
"Date": "2024-04-21"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-32039",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32039",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32040",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32040",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32041",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32041",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32458",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32458",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32459",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32460",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32460",
"Impact": "None",
"Public": "20240422"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",

40
oval/c10f2/ALT-PU-2024-6849/definitions.json
View File

@ -51,7 +51,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: description unavailable\n\n * CVE-2024-32040: description unavailable\n\n * CVE-2024-32041: description unavailable\n\n * CVE-2024-32458: description unavailable\n\n * CVE-2024-32459: description unavailable\n\n * CVE-2024-32460: description unavailable",
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\n\n * CVE-2024-32040: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).\n\n * CVE-2024-32041: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.\n\n * CVE-2024-32458: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).\n\n * CVE-2024-32459: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.\n\n * CVE-2024-32460: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
@ -63,6 +63,44 @@
"Date": "2024-04-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-32039",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32039",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32040",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32040",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32041",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32041",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32458",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32458",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32459",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32460",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32460",
"Impact": "None",
"Public": "20240422"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",

94
oval/c10f2/ALT-PU-2024-6950/definitions.json Normal file
View File

@ -0,0 +1,94 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20246950",
"Version": "oval:org.altlinux.errata:def:20246950",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-6950: package `gifsicle` update to version 1.95-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-6950",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6950",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-36193",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-36193",
"Source": "CVE"
},
{
"RefID": "CVE-2023-44821",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44821",
"Source": "CVE"
}
],
"Description": "This update upgrades gifsicle to version 1.95-alt2. \nSecurity Fix(es):\n\n * CVE-2023-36193: Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.\n\n * CVE-2023-44821: Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect Gif_Realloc calls, might allow a denial of service (memory consumption). NOTE: this has been disputed by multiple parties because the Gifsicle code is not commonly used for unattended operation in which new input arrives for a long-running process, does not ship with functionality to link it into another application as a library, and does not have realistic use cases in which an adversary controls the entire command line.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-23"
},
"Updated": {
"Date": "2024-04-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-36193",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-36193",
"Impact": "High",
"Public": "20230623"
},
{
"ID": "CVE-2023-44821",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44821",
"Impact": "Low",
"Public": "20231009"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20246950001",
"Comment": "gifsicle is earlier than 0:1.95-alt2"
}
]
}
]
}
}
]
}

34
oval/c10f2/ALT-PU-2024-6950/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20246950001",
"Version": "1",
"Comment": "gifsicle is installed",
"Name": "gifsicle"
}
]
}

23
oval/c10f2/ALT-PU-2024-6950/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20246950001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.95-alt2",
"Arch": {},
"EVR": {
"Text": "0:1.95-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c10f2/ALT-PU-2024-6950/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20246950001",
"Version": "1",
"Check": "all",
"Comment": "gifsicle is earlier than 0:1.95-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246950001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246950001"
}
}
]
}

40
oval/c9f2/ALT-PU-2024-6847/definitions.json
View File

@ -55,7 +55,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: description unavailable\n\n * CVE-2024-32040: description unavailable\n\n * CVE-2024-32041: description unavailable\n\n * CVE-2024-32458: description unavailable\n\n * CVE-2024-32459: description unavailable\n\n * CVE-2024-32460: description unavailable",
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\n\n * CVE-2024-32040: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).\n\n * CVE-2024-32041: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.\n\n * CVE-2024-32458: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).\n\n * CVE-2024-32459: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.\n\n * CVE-2024-32460: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
@ -67,6 +67,44 @@
"Date": "2024-04-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-32039",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32039",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32040",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32040",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32041",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32041",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32458",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32458",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32459",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32460",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32460",
"Impact": "None",
"Public": "20240422"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",

111
oval/p10/ALT-PU-2024-6804/definitions.json Normal file
View File

@ -0,0 +1,111 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20246804",
"Version": "oval:org.altlinux.errata:def:20246804",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-6804: package `kde5-merkuro` update to version 23.08.5-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-6804",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6804",
"Source": "ALTPU"
}
],
"Description": "This update upgrades kde5-merkuro to version 23.08.5-alt2. \nSecurity Fix(es):\n\n * #48720: Некорректная работа пункта \"Добавить учётную запись\" в kde5-merkuro\n\n * #48721: Не работает параметр \"Показывать строку меню\" в merkuro-calendar\n\n * #48734: Невозможно добавить или настроить учётную запись в merkuro-mail",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-23"
},
"Updated": {
"Date": "2024-04-23"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "48720",
"Href": "https://bugzilla.altlinux.org/48720",
"Data": "Некорректная работа пункта \"Добавить учётную запись\" в kde5-merkuro"
},
{
"ID": "48721",
"Href": "https://bugzilla.altlinux.org/48721",
"Data": "Не работает параметр \"Показывать строку меню\" в merkuro-calendar"
},
{
"ID": "48734",
"Href": "https://bugzilla.altlinux.org/48734",
"Data": "Невозможно добавить или настроить учётную запись в merkuro-mail"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20246804001",
"Comment": "kde5-merkuro is earlier than 0:23.08.5-alt2"
}
]
}
]
}
}
]
}

34
oval/p10/ALT-PU-2024-6804/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20246804001",
"Version": "1",
"Comment": "kde5-merkuro is installed",
"Name": "kde5-merkuro"
}
]
}

23
oval/p10/ALT-PU-2024-6804/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20246804001",
"Version": "1",
"Comment": "package EVR is earlier than 0:23.08.5-alt2",
"Arch": {},
"EVR": {
"Text": "0:23.08.5-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p10/ALT-PU-2024-6804/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20246804001",
"Version": "1",
"Check": "all",
"Comment": "kde5-merkuro is earlier than 0:23.08.5-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246804001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246804001"
}
}
]
}

40
oval/p10/ALT-PU-2024-6851/definitions.json
View File

@ -60,7 +60,7 @@
"Source": "CVE"
}
],
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: description unavailable\n\n * CVE-2024-32040: description unavailable\n\n * CVE-2024-32041: description unavailable\n\n * CVE-2024-32458: description unavailable\n\n * CVE-2024-32459: description unavailable\n\n * CVE-2024-32460: description unavailable",
"Description": "This update upgrades freerdp to version 2.11.6-alt1. \nSecurity Fix(es):\n\n * CVE-2024-32039: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\n\n * CVE-2024-32040: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).\n\n * CVE-2024-32041: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.\n\n * CVE-2024-32458: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).\n\n * CVE-2024-32459: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.\n\n * CVE-2024-32460: FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
@ -72,6 +72,44 @@
"Date": "2024-04-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-32039",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32039",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32040",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32040",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32041",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32041",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32458",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32458",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32459",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32459",
"Impact": "None",
"Public": "20240422"
},
{
"ID": "CVE-2024-32460",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32460",
"Impact": "None",
"Public": "20240422"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",

122
oval/p10/ALT-PU-2024-6948/definitions.json Normal file
View File

@ -0,0 +1,122 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20246948",
"Version": "oval:org.altlinux.errata:def:20246948",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-6948: package `gifsicle` update to version 1.95-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-6948",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6948",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-36193",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-36193",
"Source": "CVE"
},
{
"RefID": "CVE-2023-44821",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44821",
"Source": "CVE"
}
],
"Description": "This update upgrades gifsicle to version 1.95-alt2. \nSecurity Fix(es):\n\n * CVE-2023-36193: Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.\n\n * CVE-2023-44821: Gifsicle through 1.94, if deployed in a way that allows untrusted input to affect Gif_Realloc calls, might allow a denial of service (memory consumption). NOTE: this has been disputed by multiple parties because the Gifsicle code is not commonly used for unattended operation in which new input arrives for a long-running process, does not ship with functionality to link it into another application as a library, and does not have realistic use cases in which an adversary controls the entire command line.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-04-23"
},
"Updated": {
"Date": "2024-04-23"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-36193",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-36193",
"Impact": "High",
"Public": "20230623"
},
{
"ID": "CVE-2023-44821",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44821",
"Impact": "Low",
"Public": "20231009"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20246948001",
"Comment": "gifsicle is earlier than 0:1.95-alt2"
}
]
}
]
}
}
]
}

34
oval/p10/ALT-PU-2024-6948/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20246948001",
"Version": "1",
"Comment": "gifsicle is installed",
"Name": "gifsicle"
}
]
}

23
oval/p10/ALT-PU-2024-6948/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20246948001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.95-alt2",
"Arch": {},
"EVR": {
"Text": "0:1.95-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p10/ALT-PU-2024-6948/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20246948001",
"Version": "1",
"Check": "all",
"Comment": "gifsicle is earlier than 0:1.95-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20246948001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20246948001"
}
}
]
}