pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-03-13 15:02:57 +00:00
parent e305cac331
commit 60a043f16d
28 changed files with 1602 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
oval/c10f2/ALT-PU-2024-1646/definitions.json Normal file
View File

@ -0,0 +1,104 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20241646",
"Version": "oval:org.altlinux.errata:def:20241646",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-1646: package `curl` update to version 8.6.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-1646",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-1646",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-01014",
"RefURL": "https://bdu.fstec.ru/vul/2024-01014",
"Source": "BDU"
},
{
"RefID": "CVE-2024-0853",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853",
"Source": "CVE"
}
],
"Description": "This update upgrades curl to version 8.6.0-alt1. \nSecurity Fix(es):\n\n * BDU:2024-01014: Уязвимость реализации протокола TLS утилиты командной строки cURL, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * CVE-2024-0853: curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to\nthe same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": [
{
"Cvss": "AV:N/AC:L/Au:M/C:P/I:P/A:N",
"Cvss3": "AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"Cwe": "CWE-299",
"Href": "https://bdu.fstec.ru/vul/2024-01014",
"Impact": "Low",
"Public": "20231229",
"CveID": "BDU:2024-01014"
}
],
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"Cwe": "CWE-295",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853",
"Impact": "Low",
"Public": "20240203",
"CveID": "CVE-2024-0853"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20241646001",
"Comment": "curl is earlier than 0:8.6.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241646002",
"Comment": "libcurl is earlier than 0:8.6.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20241646003",
"Comment": "libcurl-devel is earlier than 0:8.6.0-alt1"
}
]
}
]
}
}
]
}

46
oval/c10f2/ALT-PU-2024-1646/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20241646001",
"Version": "1",
"comment": "curl is installed",
"Name": "curl"
},
{
"ID": "oval:org.altlinux.errata:obj:20241646002",
"Version": "1",
"comment": "libcurl is installed",
"Name": "libcurl"
},
{
"ID": "oval:org.altlinux.errata:obj:20241646003",
"Version": "1",
"comment": "libcurl-devel is installed",
"Name": "libcurl-devel"
}
]
}

23
oval/c10f2/ALT-PU-2024-1646/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20241646001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.6.0-alt1",
"Arch": {},
"Evr": {
"Text": "0:8.6.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c10f2/ALT-PU-2024-1646/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20241646001",
"Version": "1",
"Check": "all",
"Comment": "curl is earlier than 0:8.6.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241646001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241646001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241646002",
"Version": "1",
"Check": "all",
"Comment": "libcurl is earlier than 0:8.6.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241646002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241646001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20241646003",
"Version": "1",
"Check": "all",
"Comment": "libcurl-devel is earlier than 0:8.6.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20241646003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20241646001"
}
}
]
}

153
oval/c10f2/ALT-PU-2024-3493/definitions.json Normal file
View File

@ -0,0 +1,153 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243493",
"Version": "oval:org.altlinux.errata:def:20243493",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3493: package `suricata` update to version 6.0.10-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3493",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3493",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-01686",
"RefURL": "https://bdu.fstec.ru/vul/2022-01686",
"Source": "BDU"
},
{
"RefID": "BDU:2023-06804",
"RefURL": "https://bdu.fstec.ru/vul/2023-06804",
"Source": "BDU"
},
{
"RefID": "BDU:2023-06805",
"RefURL": "https://bdu.fstec.ru/vul/2023-06805",
"Source": "BDU"
},
{
"RefID": "CVE-2021-35063",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-35063",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37592",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37592",
"Source": "CVE"
},
{
"RefID": "CVE-2021-45098",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-45098",
"Source": "CVE"
}
],
"Description": "This update upgrades suricata to version 6.0.10-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01686: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с недостатками разграничения доступа, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-06804: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с недостаточной проверкой хэш-функции, позволяющая нарушителю реализовать атаку TCP Reset\n\n * BDU:2023-06805: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и реализовать атаку TCP Reset\n\n * CVE-2021-35063: Suricata before 5.0.7 and 6.x before 6.0.3 has a \"critical evasion.\"\n\n * CVE-2021-37592: Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.\n\n * CVE-2021-45098: An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option. Then, the client can send an HTTP GET request with a forbidden URL. The server will ignore the RST ACK and send the response HTTP packet for the client's request. These packets will not trigger a Suricata reject action.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": [
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-264",
"Href": "https://bdu.fstec.ru/vul/2022-01686",
"Impact": "High",
"Public": "20210630",
"CveID": "BDU:2022-01686"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"Cwe": "CWE-284, CWE-327",
"Href": "https://bdu.fstec.ru/vul/2023-06804",
"Impact": "High",
"Public": "20210926",
"CveID": "BDU:2023-06804"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-121, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-06805",
"Impact": "Critical",
"Public": "20210727",
"CveID": "BDU:2023-06805"
}
],
"Cves": [
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-35063",
"Impact": "High",
"Public": "20210722",
"CveID": "CVE-2021-35063"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37592",
"Impact": "Critical",
"Public": "20211119",
"CveID": "CVE-2021-37592"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-45098",
"Impact": "High",
"Public": "20211216",
"CveID": "CVE-2021-45098"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243493001",
"Comment": "suricata is earlier than 0:6.0.10-alt1"
}
]
}
]
}
}
]
}

34
oval/c10f2/ALT-PU-2024-3493/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243493001",
"Version": "1",
"comment": "suricata is installed",
"Name": "suricata"
}
]
}

23
oval/c10f2/ALT-PU-2024-3493/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243493001",
"Version": "1",
"Comment": "package EVR is earlier than 0:6.0.10-alt1",
"Arch": {},
"Evr": {
"Text": "0:6.0.10-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c10f2/ALT-PU-2024-3493/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243493001",
"Version": "1",
"Check": "all",
"Comment": "suricata is earlier than 0:6.0.10-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243493001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243493001"
}
}
]
}

91
oval/c10f2/ALT-PU-2024-3782/definitions.json Normal file
View File

@ -0,0 +1,91 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243782",
"Version": "oval:org.altlinux.errata:def:20243782",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3782: package `unbound` update to version 1.19.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3782",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3782",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-1931",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1931",
"Source": "CVE"
}
],
"Description": "This update upgrades unbound to version 1.19.2-alt1. \nSecurity Fix(es):\n\n * CVE-2024-1931: NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an acceptable size while still retaining the EDE codes. Due to an unchecked condition, the code that trims the text of the EDE records could loop indefinitely. This happens when Unbound would reply with attached EDE information on a positive reply and the client's buffer size is smaller than the needed space to include EDE records. The vulnerability can only be triggered when the 'ede: yes' option is used; non default configuration. From version 1.19.2 on, the code is fixed to avoid looping indefinitely.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": null,
"Cves": [
{
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1931",
"Impact": "None",
"Public": "20240307",
"CveID": "CVE-2024-1931"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243782001",
"Comment": "libunbound is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243782002",
"Comment": "libunbound-devel is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243782003",
"Comment": "unbound is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243782004",
"Comment": "unbound-control is earlier than 0:1.19.2-alt1"
}
]
}
]
}
}
]
}

52
oval/c10f2/ALT-PU-2024-3782/objects.json Normal file
View File

@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243782001",
"Version": "1",
"comment": "libunbound is installed",
"Name": "libunbound"
},
{
"ID": "oval:org.altlinux.errata:obj:20243782002",
"Version": "1",
"comment": "libunbound-devel is installed",
"Name": "libunbound-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20243782003",
"Version": "1",
"comment": "unbound is installed",
"Name": "unbound"
},
{
"ID": "oval:org.altlinux.errata:obj:20243782004",
"Version": "1",
"comment": "unbound-control is installed",
"Name": "unbound-control"
}
]
}

23
oval/c10f2/ALT-PU-2024-3782/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243782001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.19.2-alt1",
"Arch": {},
"Evr": {
"Text": "0:1.19.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

66
oval/c10f2/ALT-PU-2024-3782/tests.json Normal file
View File

@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243782001",
"Version": "1",
"Check": "all",
"Comment": "libunbound is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243782001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243782001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243782002",
"Version": "1",
"Check": "all",
"Comment": "libunbound-devel is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243782002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243782001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243782003",
"Version": "1",
"Check": "all",
"Comment": "unbound is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243782003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243782001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243782004",
"Version": "1",
"Check": "all",
"Comment": "unbound-control is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243782004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243782001"
}
}
]
}

158
oval/c10f2/ALT-PU-2024-3888/definitions.json Normal file
View File

@ -0,0 +1,158 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243888",
"Version": "oval:org.altlinux.errata:def:20243888",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3888: package `connman` update to version 1.42-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f2"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3888",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3888",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-07359",
"RefURL": "https://bdu.fstec.ru/vul/2022-07359",
"Source": "BDU"
},
{
"RefID": "BDU:2022-07360",
"RefURL": "https://bdu.fstec.ru/vul/2022-07360",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03868",
"RefURL": "https://bdu.fstec.ru/vul/2023-03868",
"Source": "BDU"
},
{
"RefID": "CVE-2022-32292",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-32292",
"Source": "CVE"
},
{
"RefID": "CVE-2022-32293",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-32293",
"Source": "CVE"
},
{
"RefID": "CVE-2023-28488",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-28488",
"Source": "CVE"
}
],
"Description": "This update upgrades connman to version 1.42-alt1. \nSecurity Fix(es):\n\n * BDU:2022-07359: Уязвимость реализации поддержки WISPR диспетчера соединений Connman, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-07360: Уязвимость компонента gweb диспетчера соединений Connman, связанная с записью за границами выделенного диапазона памяти, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03868: Уязвимость компонента client.c диспетчера соединений ConnMan, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2022-32292: In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.\n\n * CVE-2022-32293: In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.\n\n * CVE-2023-28488: client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": [
{
"Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"Cvss3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-07359",
"Impact": "High",
"Public": "20220803",
"CveID": "BDU:2022-07359"
},
{
"Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-07360",
"Impact": "Critical",
"Public": "20220803",
"CveID": "BDU:2022-07360"
},
{
"Cvss": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"Cvss3": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2023-03868",
"Impact": "Low",
"Public": "20230411",
"CveID": "BDU:2023-03868"
}
],
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-32292",
"Impact": "Critical",
"Public": "20220803",
"CveID": "CVE-2022-32292"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-32293",
"Impact": "High",
"Public": "20220803",
"CveID": "CVE-2022-32293"
},
{
"Cvss3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"Cwe": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-28488",
"Impact": "Low",
"Public": "20230412",
"CveID": "CVE-2023-28488"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243888001",
"Comment": "connman is earlier than 0:1.42-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243888002",
"Comment": "connman-devel is earlier than 0:1.42-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243888003",
"Comment": "connman-docs is earlier than 0:1.42-alt1"
}
]
}
]
}
}
]
}

46
oval/c10f2/ALT-PU-2024-3888/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243888001",
"Version": "1",
"comment": "connman is installed",
"Name": "connman"
},
{
"ID": "oval:org.altlinux.errata:obj:20243888002",
"Version": "1",
"comment": "connman-devel is installed",
"Name": "connman-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20243888003",
"Version": "1",
"comment": "connman-docs is installed",
"Name": "connman-docs"
}
]
}

23
oval/c10f2/ALT-PU-2024-3888/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243888001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.42-alt1",
"Arch": {},
"Evr": {
"Text": "0:1.42-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c10f2/ALT-PU-2024-3888/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243888001",
"Version": "1",
"Check": "all",
"Comment": "connman is earlier than 0:1.42-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243888001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243888001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243888002",
"Version": "1",
"Check": "all",
"Comment": "connman-devel is earlier than 0:1.42-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243888002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243888001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243888003",
"Version": "1",
"Check": "all",
"Comment": "connman-docs is earlier than 0:1.42-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243888003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243888001"
}
}
]
}

101
oval/c9f2/ALT-PU-2024-3605/definitions.json Normal file
View File

@ -0,0 +1,101 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243605",
"Version": "oval:org.altlinux.errata:def:20243605",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3605: package `gifsicle` update to version 1.93-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3605",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3605",
"Source": "ALTPU"
},
{
"RefID": "BDU:2018-00509",
"RefURL": "https://bdu.fstec.ru/vul/2018-00509",
"Source": "BDU"
},
{
"RefID": "CVE-2017-1000421",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000421",
"Source": "CVE"
}
],
"Description": "This update upgrades gifsicle to version 1.93-alt1. \nSecurity Fix(es):\n\n * BDU:2018-00509: Уязвимость функции read_gif программного обеспечения для просмотра GIF-файлов gifview пакета программ для создания, редактирования и оптимизации GIF-файлов Gifsicle, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2017-1000421: Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": [
{
"Cvss": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2018-00509",
"Impact": "Critical",
"Public": "20170809",
"CveID": "BDU:2018-00509"
}
],
"Cves": [
{
"Cvss": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"Cvss3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000421",
"Impact": "Critical",
"Public": "20180102",
"CveID": "CVE-2017-1000421"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243605001",
"Comment": "gifsicle is earlier than 0:1.93-alt1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-3605/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243605001",
"Version": "1",
"comment": "gifsicle is installed",
"Name": "gifsicle"
}
]
}

23
oval/c9f2/ALT-PU-2024-3605/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243605001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.93-alt1",
"Arch": {},
"Evr": {
"Text": "0:1.93-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-3605/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243605001",
"Version": "1",
"Check": "all",
"Comment": "gifsicle is earlier than 0:1.93-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243605001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243605001"
}
}
]
}

95
oval/c9f2/ALT-PU-2024-3780/definitions.json Normal file
View File

@ -0,0 +1,95 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243780",
"Version": "oval:org.altlinux.errata:def:20243780",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3780: package `unbound` update to version 1.19.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3780",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3780",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-1931",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1931",
"Source": "CVE"
}
],
"Description": "This update upgrades unbound to version 1.19.2-alt1. \nSecurity Fix(es):\n\n * CVE-2024-1931: NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an acceptable size while still retaining the EDE codes. Due to an unchecked condition, the code that trims the text of the EDE records could loop indefinitely. This happens when Unbound would reply with attached EDE information on a positive reply and the client's buffer size is smaller than the needed space to include EDE records. The vulnerability can only be triggered when the 'ede: yes' option is used; non default configuration. From version 1.19.2 on, the code is fixed to avoid looping indefinitely.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": null,
"Cves": [
{
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1931",
"Impact": "None",
"Public": "20240307",
"CveID": "CVE-2024-1931"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243780001",
"Comment": "libunbound is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243780002",
"Comment": "libunbound-devel is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243780003",
"Comment": "unbound is earlier than 0:1.19.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20243780004",
"Comment": "unbound-control is earlier than 0:1.19.2-alt1"
}
]
}
]
}
}
]
}

52
oval/c9f2/ALT-PU-2024-3780/objects.json Normal file
View File

@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243780001",
"Version": "1",
"comment": "libunbound is installed",
"Name": "libunbound"
},
{
"ID": "oval:org.altlinux.errata:obj:20243780002",
"Version": "1",
"comment": "libunbound-devel is installed",
"Name": "libunbound-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:20243780003",
"Version": "1",
"comment": "unbound is installed",
"Name": "unbound"
},
{
"ID": "oval:org.altlinux.errata:obj:20243780004",
"Version": "1",
"comment": "unbound-control is installed",
"Name": "unbound-control"
}
]
}

23
oval/c9f2/ALT-PU-2024-3780/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243780001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.19.2-alt1",
"Arch": {},
"Evr": {
"Text": "0:1.19.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

66
oval/c9f2/ALT-PU-2024-3780/tests.json Normal file
View File

@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243780001",
"Version": "1",
"Check": "all",
"Comment": "libunbound is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243780001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243780001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243780002",
"Version": "1",
"Check": "all",
"Comment": "libunbound-devel is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243780002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243780001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243780003",
"Version": "1",
"Check": "all",
"Comment": "unbound is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243780003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243780001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:20243780004",
"Version": "1",
"Check": "all",
"Comment": "unbound-control is earlier than 0:1.19.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243780004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243780001"
}
}
]
}

111
oval/c9f2/ALT-PU-2024-3792/definitions.json Normal file
View File

@ -0,0 +1,111 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20243792",
"Version": "oval:org.altlinux.errata:def:20243792",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-3792: package `gitea` update to version 1.20.5-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-3792",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3792",
"Source": "ALTPU"
},
{
"RefID": "CVE-2022-38795",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-38795",
"Source": "CVE"
},
{
"RefID": "CVE-2022-42968",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-42968",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3515",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3515",
"Source": "CVE"
}
],
"Description": "This update upgrades gitea to version 1.20.5-alt1. \nSecurity Fix(es):\n\n * CVE-2022-38795: In Gitea through 1.17.1, repo cloning can occur in the migration function.\n\n * CVE-2022-42968: Gitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.\n\n * CVE-2023-3515: Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-03-13"
},
"Updated": {
"Date": "2024-03-13"
},
"bdu": null,
"Cves": [
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"Cwe": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-38795",
"Impact": "Low",
"Public": "20230807",
"CveID": "CVE-2022-38795"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Cwe": "CWE-88",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-42968",
"Impact": "Critical",
"Public": "20221016",
"CveID": "CVE-2022-42968"
},
{
"Cvss3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"Cwe": "CWE-601",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3515",
"Impact": "Low",
"Public": "20230705",
"CveID": "CVE-2023-3515"
}
],
"AffectedCpeList": {
"Cpe": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20243792001",
"Comment": "gitea is earlier than 0:1.20.5-alt1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-3792/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"comment": "Evaluate `/etc/os-release` file content",
"Path": {
"dataType": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RpmInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20243792001",
"Version": "1",
"comment": "gitea is installed",
"Name": "gitea"
}
]
}

23
oval/c9f2/ALT-PU-2024-3792/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RpmInfoState": [
{
"ID": "oval:org.altlinux.errata:ste:20243792001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.5-alt1",
"Arch": {},
"Evr": {
"Text": "0:1.20.5-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-3792/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20243792001",
"Version": "1",
"Check": "all",
"Comment": "gitea is earlier than 0:1.20.5-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20243792001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20243792001"
}
}
]
}