ALT Vulnerability

Иван Пепеляев 2024-12-10 03:05:51 +00:00
parent 4c262203ed
commit 56c985da4e
24 changed files with 1385 additions and 0 deletions


@ -0,0 +1,108 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416512",
"Version": "oval:org.altlinux.errata:def:202416512",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16512: package `zchunk` update to version 1.3.2-alt1_1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16512",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16512",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-07324",
"RefURL": "https://bdu.fstec.ru/vul/2023-07324",
"Source": "BDU"
},
{
"RefID": "CVE-2023-46228",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-46228",
"Source": "CVE"
}
],
"Description": "This update upgrades zchunk to version 1.3.2-alt1_1. \nSecurity Fix(es):\n\n * BDU:2023-07324: Уязвимость компонентов lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c или lib/header.c программного средства для уменьшения размера файлов в формате RPM zchunk, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-46228: zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-09"
},
"Updated": {
"Date": "2024-12-09"
},
"BDUs": [
{
"ID": "BDU:2023-07324",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2023-07324",
"Impact": "High",
"Public": "20231019"
}
],
"CVEs": [
{
"ID": "CVE-2023-46228",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-46228",
"Impact": "High",
"Public": "20231019"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416512001",
"Comment": "zchunk is earlier than 0:1.3.2-alt1_1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416512002",
"Comment": "zchunk-devel is earlier than 0:1.3.2-alt1_1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416512003",
"Comment": "zchunk-libs is earlier than 0:1.3.2-alt1_1"
}
]
}
]
}
}
]
}
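Review bot: The definition's `"Version"` repeats the ID string (`oval:org.altlinux.errata:def:202416512`) instead of carrying a revision number. The OVAL definition schema types `version` as a non-negative integer, and the objects, states and tests added in this same commit all use `"Version": "1"`. If this JSON is serialized into OVAL XML as-is, a schema-validating scanner may reject the definition, so I would write `"Version": "1"` here (or whatever revision counter the generator tracks). The same value appears in the other five definition files in this commit (202416218, 202416424, 202416612, 202416782, 202416795).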


@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416512001",
"Version": "1",
"Comment": "zchunk is installed",
"Name": "zchunk"
},
{
"ID": "oval:org.altlinux.errata:obj:202416512002",
"Version": "1",
"Comment": "zchunk-devel is installed",
"Name": "zchunk-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416512003",
"Version": "1",
"Comment": "zchunk-libs is installed",
"Name": "zchunk-libs"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416512001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.3.2-alt1_1",
"Arch": {},
"EVR": {
"Text": "0:1.3.2-alt1_1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}
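Review bot: The `TextFileContent54State` entry `ste:3001` is empty (`"Text": {}`), so the version captured by the pattern in `obj:3001` is never compared with anything. Test `tst:3001` is described as "ALT Linux based on branch 'c9f2' must be installed", but as written it appears to be satisfied by any SP Server/Workstation `os-release` CPE, whatever its version; the p10 sections have the same shape with `ste:2001`, whose pattern accepts any major number. Unless the generator fills this in later, the state should pin the capture, for example `"Subexpression": {"Datatype": "string", "Operation": "equals", "Text": "8.4"}` (field shape assumed from the `EVR` entry, value taken from the 8.4 CPEs listed in the definition); otherwise a host on another branch with an older package build is reported against this erratum. The empty `"Arch": {}` and `"Subexpression": {}` on the RPM state look like serializer leftovers and could be omitted.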


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416512001",
"Version": "1",
"Check": "all",
"Comment": "zchunk is earlier than 0:1.3.2-alt1_1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416512001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416512001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416512002",
"Version": "1",
"Check": "all",
"Comment": "zchunk-devel is earlier than 0:1.3.2-alt1_1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416512002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416512001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416512003",
"Version": "1",
"Check": "all",
"Comment": "zchunk-libs is earlier than 0:1.3.2-alt1_1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416512003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416512001"
}
}
]
}


@ -0,0 +1,105 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416218",
"Version": "oval:org.altlinux.errata:def:202416218",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16218: package `libopenh264` update to version 2.5.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16218",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16218",
"Source": "ALTPU"
}
],
"Description": "This update upgrades libopenh264 to version 2.5.0-alt1. \nSecurity Fix(es):\n\n * #44549: недостаёт Provides:/Obsoletes:",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-10"
},
"Updated": {
"Date": "2024-12-10"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "44549",
"Href": "https://bugzilla.altlinux.org/44549",
"Data": "недостаёт Provides:/Obsoletes:"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416218001",
"Comment": "libopenh264-devel is earlier than 0:2.5.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416218002",
"Comment": "libopenh264_7 is earlier than 0:2.5.0-alt1"
}
]
}
]
}
}
]
}
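Review bot: The `Description` files a packaging bug under "Security Fix(es)": its only item is Bugzilla #44549 (missing Provides:/Obsoletes:), and the advisory carries no CVE or BDU. Because the definition is still `"Class": "patch"` with a severity, scanners will list hosts with older `libopenh264` builds alongside real vulnerability findings; a neutral heading such as "Bug fix(es)" for Bugzilla-only errata would let consumers triage these separately. Also, `"BDUs": null` gives this key a different type from the other definitions, where it is an array, and `CVEs` is absent altogether; `"BDUs": []` and `"CVEs": []` keep the shape stable for parsers. The `admc` definition (ALT-PU-2024-16612) has the same two issues.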


@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416218001",
"Version": "1",
"Comment": "libopenh264-devel is installed",
"Name": "libopenh264-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416218002",
"Version": "1",
"Comment": "libopenh264_7 is installed",
"Name": "libopenh264_7"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416218001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.5.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.5.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416218001",
"Version": "1",
"Check": "all",
"Comment": "libopenh264-devel is earlier than 0:2.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416218001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416218001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416218002",
"Version": "1",
"Check": "all",
"Comment": "libopenh264_7 is earlier than 0:2.5.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416218002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416218001"
}
}
]
}


@ -0,0 +1,127 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416424",
"Version": "oval:org.altlinux.errata:def:202416424",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16424: package `bcel` update to version 6.8.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16424",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16424",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-02279",
"RefURL": "https://bdu.fstec.ru/vul/2024-02279",
"Source": "BDU"
},
{
"RefID": "CVE-2022-42920",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
"Source": "CVE"
}
],
"Description": "This update upgrades bcel to version 6.8.2-alt1. \nSecurity Fix(es):\n\n * BDU:2024-02279: Уязвимость библиотеки для обработки байт-кода Java Apache Commons BCEL, связанная с записью за границами буфера, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2022-42920: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-10"
},
"Updated": {
"Date": "2024-12-10"
},
"BDUs": [
{
"ID": "BDU:2024-02279",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2024-02279",
"Impact": "Critical",
"Public": "20221107"
}
],
"CVEs": [
{
"ID": "CVE-2022-42920",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920",
"Impact": "Critical",
"Public": "20221107"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416424001",
"Comment": "bcel is earlier than 1:6.8.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416424002",
"Comment": "bcel-javadoc is earlier than 1:6.8.2-alt1"
}
]
}
]
}
}
]
}
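Review bot: The `CVEs` entry for CVE-2022-42920 has no `CWE` key, although the matching BDU entry records CWE-787 and the CVE entries in the other definitions carry one. The `CVSS3` strings also come in two formats in the same `Advisory`: `CVSS:3.1/AV:N/...` under `CVEs` and a bare `AV:N/...` under `BDUs`, so a consumer parsing vectors has to handle both. I would either emit the key consistently (with an explicit empty value when the source has none) or document that it is optional, and prefix the BDU vector once its CVSS version is confirmed.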


@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416424001",
"Version": "1",
"Comment": "bcel is installed",
"Name": "bcel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416424002",
"Version": "1",
"Comment": "bcel-javadoc is installed",
"Name": "bcel-javadoc"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416424001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.8.2-alt1",
"Arch": {},
"EVR": {
"Text": "1:6.8.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416424001",
"Version": "1",
"Check": "all",
"Comment": "bcel is earlier than 1:6.8.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416424001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416424001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416424002",
"Version": "1",
"Check": "all",
"Comment": "bcel-javadoc is earlier than 1:6.8.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416424002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416424001"
}
}
]
}


@ -0,0 +1,105 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416612",
"Version": "oval:org.altlinux.errata:def:202416612",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16612: package `admc` update to version 0.17.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16612",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16612",
"Source": "ALTPU"
}
],
"Description": "This update upgrades admc to version 0.17.2-alt1. \nSecurity Fix(es):\n\n * #52329: Центр управления Active Directory не отображает полностью информацию о домене",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-10"
},
"Updated": {
"Date": "2024-12-10"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "52329",
"Href": "https://bugzilla.altlinux.org/52329",
"Data": "Центр управления Active Directory не отображает полностью информацию о домене"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416612001",
"Comment": "admc is earlier than 0:0.17.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416612002",
"Comment": "admc-test is earlier than 0:0.17.2-alt1"
}
]
}
]
}
}
]
}


@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416612001",
"Version": "1",
"Comment": "admc is installed",
"Name": "admc"
},
{
"ID": "oval:org.altlinux.errata:obj:202416612002",
"Version": "1",
"Comment": "admc-test is installed",
"Name": "admc-test"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416612001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.17.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.17.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416612001",
"Version": "1",
"Check": "all",
"Comment": "admc is earlier than 0:0.17.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416612001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416612001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416612002",
"Version": "1",
"Check": "all",
"Comment": "admc-test is earlier than 0:0.17.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416612002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416612001"
}
}
]
}


@ -0,0 +1,135 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416782",
"Version": "oval:org.altlinux.errata:def:202416782",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16782: package `postgresql-jdbc` update to version 42.6.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16782",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16782",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-01541",
"RefURL": "https://bdu.fstec.ru/vul/2024-01541",
"Source": "BDU"
},
{
"RefID": "CVE-2024-1597",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1597",
"Source": "CVE"
}
],
"Description": "This update upgrades postgresql-jdbc to version 42.6.2-alt1. \nSecurity Fix(es):\n\n * BDU:2024-01541: Уязвимость драйвера JDBC pgjdbc для подключения Java-программ к базе данных PostgreSQL, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2024-1597: pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.\n\n * #51910: Для закрытия CVE-2024-1597 необходимо обновить пакет",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-09"
},
"Updated": {
"Date": "2024-12-09"
},
"BDUs": [
{
"ID": "BDU:2024-01541",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-89",
"Href": "https://bdu.fstec.ru/vul/2024-01541",
"Impact": "Critical",
"Public": "20240219"
}
],
"CVEs": [
{
"ID": "CVE-2024-1597",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-89",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1597",
"Impact": "Critical",
"Public": "20240219"
}
],
"Bugzilla": [
{
"ID": "51910",
"Href": "https://bugzilla.altlinux.org/51910",
"Data": "Для закрытия CVE-2024-1597 необходимо обновить пакет"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416782001",
"Comment": "postgresql-jdbc is earlier than 0:42.6.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416782002",
"Comment": "postgresql-jdbc-javadoc is earlier than 0:42.6.2-alt1"
}
]
}
]
}
}
]
}
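Review bot: `Public` is written as `20240219` while `Issued.Date` and `Updated.Date` in the same `Advisory` use `2024-12-09`, so one object mixes two date formats; `"Public": "2024-02-19"` would match, and this applies to every `BDUs`/`CVEs` entry in the commit. Separately, the BDU vector here has `S:C` and the CVE vector `S:U`, which yield different base scores, and the single `"Severity": "Critical"` does not say which source it follows. The description also states that only `PreferQueryMode=SIMPLE` is affected, which a package-version check cannot see, so a match on this definition means "update pending" rather than "affected configuration confirmed".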


@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416782001",
"Version": "1",
"Comment": "postgresql-jdbc is installed",
"Name": "postgresql-jdbc"
},
{
"ID": "oval:org.altlinux.errata:obj:202416782002",
"Version": "1",
"Comment": "postgresql-jdbc-javadoc is installed",
"Name": "postgresql-jdbc-javadoc"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416782001",
"Version": "1",
"Comment": "package EVR is earlier than 0:42.6.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:42.6.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416782001",
"Version": "1",
"Check": "all",
"Comment": "postgresql-jdbc is earlier than 0:42.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416782001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416782001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416782002",
"Version": "1",
"Check": "all",
"Comment": "postgresql-jdbc-javadoc is earlier than 0:42.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416782002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416782001"
}
}
]
}


@ -0,0 +1,139 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416795",
"Version": "oval:org.altlinux.errata:def:202416795",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16795: package `xalan-j2` update to version 2.7.3-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16795",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16795",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-04788",
"RefURL": "https://bdu.fstec.ru/vul/2022-04788",
"Source": "BDU"
},
{
"RefID": "CVE-2022-34169",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"Source": "CVE"
}
],
"Description": "This update upgrades xalan-j2 to version 2.7.3-alt1. \nSecurity Fix(es):\n\n * BDU:2022-04788: Уязвимость библиотеки Apache Xalan Java XSLT, связанная с ошибкой приведения целочисленного значения, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2022-34169: The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\n\n * #52280: Для закрытия CVE-2022-34169 необходимо обновить пакет",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-10"
},
"Updated": {
"Date": "2024-12-10"
},
"BDUs": [
{
"ID": "BDU:2022-04788",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-192",
"Href": "https://bdu.fstec.ru/vul/2022-04788",
"Impact": "High",
"Public": "20220713"
}
],
"CVEs": [
{
"ID": "CVE-2022-34169",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-681",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"Impact": "High",
"Public": "20220719"
}
],
"Bugzilla": [
{
"ID": "52280",
"Href": "https://bugzilla.altlinux.org/52280",
"Data": "Для закрытия CVE-2022-34169 необходимо обновить пакет"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416795001",
"Comment": "xalan-j2 is earlier than 0:2.7.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416795002",
"Comment": "xalan-j2-manual is earlier than 0:2.7.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416795003",
"Comment": "xalan-j2-xsltc is earlier than 0:2.7.3-alt1"
}
]
}
]
}
}
]
}
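Review bot: The criteria test only `xalan-j2`, `xalan-j2-manual` and `xalan-j2-xsltc`, while the description itself notes that Java runtimes such as OpenJDK include repackaged copies of Xalan. A host that passes this definition can therefore still carry the CVE-2022-34169 code through its JDK packages; presumably those are tracked by separate errata, but nothing here says so. I would add a sentence to `Description` stating that bundled copies are outside the scope of this check. The BDU and CVE entries also disagree on `CWE` (CWE-192 vs CWE-681) and `Public` (20220713 vs 20220719), which matters when deduplicating by those fields.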


@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416795001",
"Version": "1",
"Comment": "xalan-j2 is installed",
"Name": "xalan-j2"
},
{
"ID": "oval:org.altlinux.errata:obj:202416795002",
"Version": "1",
"Comment": "xalan-j2-manual is installed",
"Name": "xalan-j2-manual"
},
{
"ID": "oval:org.altlinux.errata:obj:202416795003",
"Version": "1",
"Comment": "xalan-j2-xsltc is installed",
"Name": "xalan-j2-xsltc"
}
]
}


@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416795001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.7.3-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.7.3-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}


@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416795001",
"Version": "1",
"Check": "all",
"Comment": "xalan-j2 is earlier than 0:2.7.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416795001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416795001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416795002",
"Version": "1",
"Check": "all",
"Comment": "xalan-j2-manual is earlier than 0:2.7.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416795002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416795001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416795003",
"Version": "1",
"Check": "all",
"Comment": "xalan-j2-xsltc is earlier than 0:2.7.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416795003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416795001"
}
}
]
}