ALT Vulnerability
This commit is contained in:
parent
7221cd8dd9
commit
60ccca6a3e
77
oval/c10f1/ALT-PU-2024-4065/definitions.json
Normal file
77
oval/c10f1/ALT-PU-2024-4065/definitions.json
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244065",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244065",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4065: package `nvidia-modprobe` update to version 550.54.14-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f1"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SP Workstation",
|
||||||
|
"ALT SP Server"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4065",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4065",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades nvidia-modprobe to version 550.54.14-alt1. \nSecurity Fix(es):\n\n * #43826: Черный экран при входе пользователя из группы users",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Low",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"Bugzilla": [
|
||||||
|
{
|
||||||
|
"Id": "43826",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/43826",
|
||||||
|
"Data": "Черный экран при входе пользователя из группы users"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244065001",
|
||||||
|
"Comment": "nvidia-modprobe is earlier than 0:550.54.14-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
34
oval/c10f1/ALT-PU-2024-4065/objects.json
Normal file
34
oval/c10f1/ALT-PU-2024-4065/objects.json
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244065001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "nvidia-modprobe is installed",
|
||||||
|
"Name": "nvidia-modprobe"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f1/ALT-PU-2024-4065/states.json
Normal file
23
oval/c10f1/ALT-PU-2024-4065/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244065001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:550.54.14-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:550.54.14-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
30
oval/c10f1/ALT-PU-2024-4065/tests.json
Normal file
30
oval/c10f1/ALT-PU-2024-4065/tests.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:4001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244065001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "nvidia-modprobe is earlier than 0:550.54.14-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244065001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244065001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
99
oval/c10f1/ALT-PU-2024-4163/definitions.json
Normal file
99
oval/c10f1/ALT-PU-2024-4163/definitions.json
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244163",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244163",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4163: package `minidlna` update to version 1.3.3-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f1"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SP Workstation",
|
||||||
|
"ALT SP Server"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4163",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4163",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2022-26505",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-26505",
|
||||||
|
"Source": "CVE"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2023-33476",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-33476",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades minidlna to version 1.3.3-alt1. \nSecurity Fix(es):\n\n * CVE-2022-26505: A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.\n\n * CVE-2023-33476: ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write.",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Critical",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
|
||||||
|
"Cwe": "CWE-290",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-26505",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20220306",
|
||||||
|
"CveID": "CVE-2022-26505"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||||
|
"Cwe": "CWE-787",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-33476",
|
||||||
|
"Impact": "Critical",
|
||||||
|
"Public": "20230602",
|
||||||
|
"CveID": "CVE-2023-33476"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244163001",
|
||||||
|
"Comment": "minidlna is earlier than 0:1.3.3-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
34
oval/c10f1/ALT-PU-2024-4163/objects.json
Normal file
34
oval/c10f1/ALT-PU-2024-4163/objects.json
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244163001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "minidlna is installed",
|
||||||
|
"Name": "minidlna"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f1/ALT-PU-2024-4163/states.json
Normal file
23
oval/c10f1/ALT-PU-2024-4163/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244163001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:1.3.3-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:1.3.3-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
30
oval/c10f1/ALT-PU-2024-4163/tests.json
Normal file
30
oval/c10f1/ALT-PU-2024-4163/tests.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:4001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244163001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "minidlna is earlier than 0:1.3.3-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244163001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244163001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
89
oval/c10f1/ALT-PU-2024-4165/definitions.json
Normal file
89
oval/c10f1/ALT-PU-2024-4165/definitions.json
Normal file
@ -0,0 +1,89 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244165",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244165",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4165: package `libsass` update to version 3.6.6-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f1"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SP Workstation",
|
||||||
|
"ALT SP Server"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4165",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4165",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2022-26592",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-26592",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades libsass to version 3.6.6-alt1. \nSecurity Fix(es):\n\n * CVE-2022-26592: Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "High",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||||
|
"Cwe": "CWE-787",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-26592",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20230822",
|
||||||
|
"CveID": "CVE-2022-26592"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244165001",
|
||||||
|
"Comment": "libsass is earlier than 0:3.6.6-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244165002",
|
||||||
|
"Comment": "libsass-devel is earlier than 0:3.6.6-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
40
oval/c10f1/ALT-PU-2024-4165/objects.json
Normal file
40
oval/c10f1/ALT-PU-2024-4165/objects.json
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244165001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsass is installed",
|
||||||
|
"Name": "libsass"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244165002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsass-devel is installed",
|
||||||
|
"Name": "libsass-devel"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f1/ALT-PU-2024-4165/states.json
Normal file
23
oval/c10f1/ALT-PU-2024-4165/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244165001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:3.6.6-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:3.6.6-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
42
oval/c10f1/ALT-PU-2024-4165/tests.json
Normal file
42
oval/c10f1/ALT-PU-2024-4165/tests.json
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:4001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244165001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsass is earlier than 0:3.6.6-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244165001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244165001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244165002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsass-devel is earlier than 0:3.6.6-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244165002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244165001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
108
oval/c10f1/ALT-PU-2024-4175/definitions.json
Normal file
108
oval/c10f1/ALT-PU-2024-4175/definitions.json
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244175",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244175",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4175: package `curl` update to version 8.6.0-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f1"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SP Workstation",
|
||||||
|
"ALT SP Server"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4175",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4175",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "BDU:2024-01014",
|
||||||
|
"RefURL": "https://bdu.fstec.ru/vul/2024-01014",
|
||||||
|
"Source": "BDU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2024-0853",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades curl to version 8.6.0-alt1. \nSecurity Fix(es):\n\n * BDU:2024-01014: Уязвимость реализации протокола TLS утилиты командной строки cURL, позволяющая нарушителю обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации\n\n * CVE-2024-0853: curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to\nthe same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Low",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:M/C:P/I:P/A:N",
|
||||||
|
"Cvss3": "AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
|
||||||
|
"Cwe": "CWE-299",
|
||||||
|
"Href": "https://bdu.fstec.ru/vul/2024-01014",
|
||||||
|
"Impact": "Low",
|
||||||
|
"Public": "20231229",
|
||||||
|
"CveID": "BDU:2024-01014"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
||||||
|
"Cwe": "CWE-295",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853",
|
||||||
|
"Impact": "Low",
|
||||||
|
"Public": "20240203",
|
||||||
|
"CveID": "CVE-2024-0853"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244175001",
|
||||||
|
"Comment": "curl is earlier than 0:8.6.0-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244175002",
|
||||||
|
"Comment": "libcurl is earlier than 0:8.6.0-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244175003",
|
||||||
|
"Comment": "libcurl-devel is earlier than 0:8.6.0-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
46
oval/c10f1/ALT-PU-2024-4175/objects.json
Normal file
46
oval/c10f1/ALT-PU-2024-4175/objects.json
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244175001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "curl is installed",
|
||||||
|
"Name": "curl"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244175002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libcurl is installed",
|
||||||
|
"Name": "libcurl"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244175003",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libcurl-devel is installed",
|
||||||
|
"Name": "libcurl-devel"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f1/ALT-PU-2024-4175/states.json
Normal file
23
oval/c10f1/ALT-PU-2024-4175/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244175001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:8.6.0-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:8.6.0-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
54
oval/c10f1/ALT-PU-2024-4175/tests.json
Normal file
54
oval/c10f1/ALT-PU-2024-4175/tests.json
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:4001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:4001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244175001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "curl is earlier than 0:8.6.0-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244175001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244175001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244175002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libcurl is earlier than 0:8.6.0-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244175002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244175001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244175003",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libcurl-devel is earlier than 0:8.6.0-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244175003"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244175001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
153
oval/c10f2/ALT-PU-2024-3895/definitions.json
Normal file
153
oval/c10f2/ALT-PU-2024-3895/definitions.json
Normal file
@ -0,0 +1,153 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20243895",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20243895",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-3895: package `lightdm-kde-greeter` update to version 0.4.18-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f2"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-3895",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3895",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades lightdm-kde-greeter to version 0.4.18-alt1. \nSecurity Fix(es):\n\n * #46353: Не запоминается логин последнего доменного пользователя\n\n * #46496: НЕ отображаются всплывающие подсказки для смены языка и выбора сеанса\n\n * #46499: Виртуальная клавиатура пропадает после ввода 1 символа, ввести пароль невозможно при подключении к сети через виджет на экране входа\n\n * #46500: В случае длинного имени пользователя или пароля буквы наползают на значок \"виртуальная клавиатура\"\n\n * #46502: [usability] Настроенная на экране входа сеть недоступна после входа в систему\n\n * #46514: [usability] Отсутствует пользовательское сообщение при вводе некорректного пароля для подключения к сети\n\n * #46518: Не осуществляется подключение ко второй сети\n\n * #46524: guest отображается со звездочкой на экране входа\n\n * #46525: Некорректное сообщение \"Неверный пароль, повторите попытку\" в случае, если срок действия аккаунта истек или аккаунт заблокирован\n\n * #46530: Не выполняется автологин\n\n * #46533: Некорректное отображение темы Классическая при подключенном втором мониторе\n\n * #46534: Некорректная работа всех элементов навигации в Классической теме при подключенном втором мониторе\n\n * #46606: Не запускает сессию wayland при автологине, если при установке создать пользователя с опцией \"Автоматический вход в систему\"\n\n * #47377: Не работает двухфакторная аутентификация\n\n * #47760: Неверно показывает поля входа после нажатия кнопки Войти другим пользователем\n\n * #47950: Стандартная иконка аватара пользователя LightDM (черный на сером)\n\n * #48123: При вводе пароля wifi не работает показ",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Low",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"Bugzilla": [
|
||||||
|
{
|
||||||
|
"Id": "46353",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46353",
|
||||||
|
"Data": "Не запоминается логин последнего доменного пользователя"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46496",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46496",
|
||||||
|
"Data": "НЕ отображаются всплывающие подсказки для смены языка и выбора сеанса"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46499",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46499",
|
||||||
|
"Data": "Виртуальная клавиатура пропадает после ввода 1 символа, ввести пароль невозможно при подключении к сети через виджет на экране входа"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46500",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46500",
|
||||||
|
"Data": "В случае длинного имени пользователя или пароля буквы наползают на значок \"виртуальная клавиатура\""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46502",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46502",
|
||||||
|
"Data": "[usability] Настроенная на экране входа сеть недоступна после входа в систему"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46514",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46514",
|
||||||
|
"Data": "[usability] Отсутствует пользовательское сообщение при вводе некорректного пароля для подключения к сети"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46518",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46518",
|
||||||
|
"Data": "Не осуществляется подключение ко второй сети"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46524",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46524",
|
||||||
|
"Data": "guest отображается со звездочкой на экране входа"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46525",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46525",
|
||||||
|
"Data": "Некорректное сообщение \"Неверный пароль, повторите попытку\" в случае, если срок действия аккаунта истек или аккаунт заблокирован"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46530",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46530",
|
||||||
|
"Data": "Не выполняется автологин"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46533",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46533",
|
||||||
|
"Data": "Некорректное отображение темы Классическая при подключенном втором мониторе"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46534",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46534",
|
||||||
|
"Data": "Некорректная работа всех элементов навигации в Классической теме при подключенном втором мониторе"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46606",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46606",
|
||||||
|
"Data": "Не запускает сессию wayland при автологине, если при установке создать пользователя с опцией \"Автоматический вход в систему\""
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "47377",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/47377",
|
||||||
|
"Data": "Не работает двухфакторная аутентификация"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "47760",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/47760",
|
||||||
|
"Data": "Неверно показывает поля входа после нажатия кнопки Войти другим пользователем"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "47950",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/47950",
|
||||||
|
"Data": "Стандартная иконка аватара пользователя LightDM (черный на сером)"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "48123",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/48123",
|
||||||
|
"Data": "При вводе пароля wifi не работает показ"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20243895001",
|
||||||
|
"Comment": "lightdm-kde-greeter is earlier than 0:0.4.18-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
34
oval/c10f2/ALT-PU-2024-3895/objects.json
Normal file
34
oval/c10f2/ALT-PU-2024-3895/objects.json
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20243895001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "lightdm-kde-greeter is installed",
|
||||||
|
"Name": "lightdm-kde-greeter"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f2/ALT-PU-2024-3895/states.json
Normal file
23
oval/c10f2/ALT-PU-2024-3895/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20243895001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:0.4.18-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:0.4.18-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
30
oval/c10f2/ALT-PU-2024-3895/tests.json
Normal file
30
oval/c10f2/ALT-PU-2024-3895/tests.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:5001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20243895001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "lightdm-kde-greeter is earlier than 0:0.4.18-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20243895001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20243895001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
93
oval/c10f2/ALT-PU-2024-3924/definitions.json
Normal file
93
oval/c10f2/ALT-PU-2024-3924/definitions.json
Normal file
@ -0,0 +1,93 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20243924",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20243924",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-3924: package `alterator-netinst` update to version 1.9.1-alt7",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f2"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-3924",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3924",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades alterator-netinst to version 1.9.1-alt7. \nSecurity Fix(es):\n\n * #40265: Сервер сетевых установок: удалить образ -\u003e образ отображается в текущих\n\n * #45970: [FR] Крайне необходимо добавить возможность выставления опции ai для автоинсталла (сценарий установки по PXE)\n\n * #46599: Сервер сетевых установок: удалить образ -\u003e сервер не грузится\n\n * #46975: Некорректное применение настроек через alterator-netinst: невозможно удалить строки, связанные с подключением по VNC\n\n * #49051: Нет возможности выбрать вариант загрузки, пустое значение",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Low",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"Bugzilla": [
|
||||||
|
{
|
||||||
|
"Id": "40265",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/40265",
|
||||||
|
"Data": "Сервер сетевых установок: удалить образ -\u003e образ отображается в текущих"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "45970",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/45970",
|
||||||
|
"Data": "[FR] Крайне необходимо добавить возможность выставления опции ai для автоинсталла (сценарий установки по PXE)"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46599",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46599",
|
||||||
|
"Data": "Сервер сетевых установок: удалить образ -\u003e сервер не грузится"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "46975",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/46975",
|
||||||
|
"Data": "Некорректное применение настроек через alterator-netinst: невозможно удалить строки, связанные с подключением по VNC"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Id": "49051",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/49051",
|
||||||
|
"Data": "Нет возможности выбрать вариант загрузки, пустое значение"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20243924001",
|
||||||
|
"Comment": "alterator-netinst is earlier than 0:1.9.1-alt7"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
34
oval/c10f2/ALT-PU-2024-3924/objects.json
Normal file
34
oval/c10f2/ALT-PU-2024-3924/objects.json
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20243924001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "alterator-netinst is installed",
|
||||||
|
"Name": "alterator-netinst"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f2/ALT-PU-2024-3924/states.json
Normal file
23
oval/c10f2/ALT-PU-2024-3924/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20243924001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:1.9.1-alt7",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:1.9.1-alt7",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
30
oval/c10f2/ALT-PU-2024-3924/tests.json
Normal file
30
oval/c10f2/ALT-PU-2024-3924/tests.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:5001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20243924001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "alterator-netinst is earlier than 0:1.9.1-alt7",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20243924001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20243924001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
88
oval/c10f2/ALT-PU-2024-4171/definitions.json
Normal file
88
oval/c10f2/ALT-PU-2024-4171/definitions.json
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244171",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244171",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4171: package `salt` update to version 3005.5-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c10f2"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4171",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4171",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2024-22231",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22231",
|
||||||
|
"Source": "CVE"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2024-22232",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22232",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades salt to version 3005.5-alt1. \nSecurity Fix(es):\n\n * CVE-2024-22231: description unavailable\n\n * CVE-2024-22232: description unavailable",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Low",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": null,
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:10",
|
||||||
|
"cpe:/o:alt:spserver:10"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244171001",
|
||||||
|
"Comment": "python3-module-salt is earlier than 0:3005.5-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244171002",
|
||||||
|
"Comment": "salt-api is earlier than 0:3005.5-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244171003",
|
||||||
|
"Comment": "salt-master is earlier than 0:3005.5-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244171004",
|
||||||
|
"Comment": "salt-minion is earlier than 0:3005.5-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
52
oval/c10f2/ALT-PU-2024-4171/objects.json
Normal file
52
oval/c10f2/ALT-PU-2024-4171/objects.json
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244171001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "python3-module-salt is installed",
|
||||||
|
"Name": "python3-module-salt"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244171002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "salt-api is installed",
|
||||||
|
"Name": "salt-api"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244171003",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "salt-master is installed",
|
||||||
|
"Name": "salt-master"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244171004",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "salt-minion is installed",
|
||||||
|
"Name": "salt-minion"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c10f2/ALT-PU-2024-4171/states.json
Normal file
23
oval/c10f2/ALT-PU-2024-4171/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244171001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:3005.5-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:3005.5-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
66
oval/c10f2/ALT-PU-2024-4171/tests.json
Normal file
66
oval/c10f2/ALT-PU-2024-4171/tests.json
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:5001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c10f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:5001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244171001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "python3-module-salt is earlier than 0:3005.5-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244171001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244171001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244171002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "salt-api is earlier than 0:3005.5-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244171002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244171001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244171003",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "salt-master is earlier than 0:3005.5-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244171003"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244171001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244171004",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "salt-minion is earlier than 0:3005.5-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244171004"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244171001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
100
oval/c9f2/ALT-PU-2024-3988/definitions.json
Normal file
100
oval/c9f2/ALT-PU-2024-3988/definitions.json
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20243988",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20243988",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-3988: package `vault` update to version 1.13.12-alt2",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c9f2"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SPWorkstation",
|
||||||
|
"ALT SPServer"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-3988",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-3988",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "BDU:2023-08660",
|
||||||
|
"RefURL": "https://bdu.fstec.ru/vul/2023-08660",
|
||||||
|
"Source": "BDU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2023-6337",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-6337",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades vault to version 1.13.12-alt2. \nSecurity Fix(es):\n\n * BDU:2023-08660: Уязвимость компонента max_request_duration платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-6337: HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\n\nFixed in Vault 1.15.4, 1.14.8, 1.13.12.\n\n",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "High",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||||||
|
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||||
|
"Cwe": "CWE-770",
|
||||||
|
"Href": "https://bdu.fstec.ru/vul/2023-08660",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20231127",
|
||||||
|
"CveID": "BDU:2023-08660"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||||
|
"Cwe": "CWE-770",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-6337",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20231208",
|
||||||
|
"CveID": "CVE-2023-6337"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:8.4",
|
||||||
|
"cpe:/o:alt:spserver:8.4"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20243988001",
|
||||||
|
"Comment": "vault is earlier than 0:1.13.12-alt2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
34
oval/c9f2/ALT-PU-2024-3988/objects.json
Normal file
34
oval/c9f2/ALT-PU-2024-3988/objects.json
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20243988001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "vault is installed",
|
||||||
|
"Name": "vault"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c9f2/ALT-PU-2024-3988/states.json
Normal file
23
oval/c9f2/ALT-PU-2024-3988/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20243988001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:1.13.12-alt2",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:1.13.12-alt2",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
30
oval/c9f2/ALT-PU-2024-3988/tests.json
Normal file
30
oval/c9f2/ALT-PU-2024-3988/tests.json
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:3001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20243988001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "vault is earlier than 0:1.13.12-alt2",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20243988001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20243988001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
701
oval/c9f2/ALT-PU-2024-4030/definitions.json
Normal file
701
oval/c9f2/ALT-PU-2024-4030/definitions.json
Normal file
File diff suppressed because one or more lines are too long
58
oval/c9f2/ALT-PU-2024-4030/objects.json
Normal file
58
oval/c9f2/ALT-PU-2024-4030/objects.json
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244030001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "MySQL-client is installed",
|
||||||
|
"Name": "MySQL-client"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244030002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "MySQL-server is installed",
|
||||||
|
"Name": "MySQL-server"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244030003",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "MySQL-server-perl is installed",
|
||||||
|
"Name": "MySQL-server-perl"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244030004",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libmysqlclient21 is installed",
|
||||||
|
"Name": "libmysqlclient21"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244030005",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libmysqlclient21-devel is installed",
|
||||||
|
"Name": "libmysqlclient21-devel"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c9f2/ALT-PU-2024-4030/states.json
Normal file
23
oval/c9f2/ALT-PU-2024-4030/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244030001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:8.0.36-alt0.c9.1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
78
oval/c9f2/ALT-PU-2024-4030/tests.json
Normal file
78
oval/c9f2/ALT-PU-2024-4030/tests.json
Normal file
@ -0,0 +1,78 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:3001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244030001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "MySQL-client is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244030001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244030001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244030002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "MySQL-server is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244030002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244030001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244030003",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "MySQL-server-perl is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244030003"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244030001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244030004",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libmysqlclient21 is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244030004"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244030001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244030005",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libmysqlclient21-devel is earlier than 0:8.0.36-alt0.c9.1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244030005"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244030001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
108
oval/c9f2/ALT-PU-2024-4039/definitions.json
Normal file
108
oval/c9f2/ALT-PU-2024-4039/definitions.json
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244039",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244039",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4039: package `libssh2` update to version 1.11.0-alt2",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c9f2"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SPWorkstation",
|
||||||
|
"ALT SPServer"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4039",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4039",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "BDU:2023-08853",
|
||||||
|
"RefURL": "https://bdu.fstec.ru/vul/2023-08853",
|
||||||
|
"Source": "BDU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2023-48795",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades libssh2 to version 1.11.0-alt2. \nSecurity Fix(es):\n\n * BDU:2023-08853: Уязвимость реализации протокола SSH, связанная с возможностью откорректировать порядковые номера пакетов в процессе согласования соединения и добиться удаления произвольного числа служебных SSH-сообщений, позволяющая нарушителю обойти проверки целостности, отключить существующие функции безопасности, получить несанкционированный доступ к защищаемой информации\n\n * CVE-2023-48795: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "High",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:H/Au:N/C:C/I:C/A:N",
|
||||||
|
"Cvss3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
||||||
|
"Cwe": "CWE-222",
|
||||||
|
"Href": "https://bdu.fstec.ru/vul/2023-08853",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20231218",
|
||||||
|
"CveID": "BDU:2023-08853"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||||||
|
"Cwe": "CWE-354",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
|
||||||
|
"Impact": "Low",
|
||||||
|
"Public": "20231218",
|
||||||
|
"CveID": "CVE-2023-48795"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:8.4",
|
||||||
|
"cpe:/o:alt:spserver:8.4"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244039001",
|
||||||
|
"Comment": "libssh2 is earlier than 0:1.11.0-alt2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244039002",
|
||||||
|
"Comment": "libssh2-devel is earlier than 0:1.11.0-alt2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244039003",
|
||||||
|
"Comment": "libssh2-docs is earlier than 0:1.11.0-alt2"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
46
oval/c9f2/ALT-PU-2024-4039/objects.json
Normal file
46
oval/c9f2/ALT-PU-2024-4039/objects.json
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244039001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libssh2 is installed",
|
||||||
|
"Name": "libssh2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244039002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libssh2-devel is installed",
|
||||||
|
"Name": "libssh2-devel"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244039003",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libssh2-docs is installed",
|
||||||
|
"Name": "libssh2-docs"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c9f2/ALT-PU-2024-4039/states.json
Normal file
23
oval/c9f2/ALT-PU-2024-4039/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244039001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:1.11.0-alt2",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:1.11.0-alt2",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
54
oval/c9f2/ALT-PU-2024-4039/tests.json
Normal file
54
oval/c9f2/ALT-PU-2024-4039/tests.json
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:3001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244039001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libssh2 is earlier than 0:1.11.0-alt2",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244039001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244039001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244039002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libssh2-devel is earlier than 0:1.11.0-alt2",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244039002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244039001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244039003",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libssh2-docs is earlier than 0:1.11.0-alt2",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244039003"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244039001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
160
oval/c9f2/ALT-PU-2024-4059/definitions.json
Normal file
160
oval/c9f2/ALT-PU-2024-4059/definitions.json
Normal file
@ -0,0 +1,160 @@
|
|||||||
|
{
|
||||||
|
"Definition": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:def:20244059",
|
||||||
|
"Version": "oval:org.altlinux.errata:def:20244059",
|
||||||
|
"Class": "patch",
|
||||||
|
"Metadata": {
|
||||||
|
"Title": "ALT-PU-2024-4059: package `cyrus-sasl2` update to version 2.1.28-alt1",
|
||||||
|
"AffectedList": [
|
||||||
|
{
|
||||||
|
"Family": "unix",
|
||||||
|
"Platforms": [
|
||||||
|
"ALT Linux branch c9f2"
|
||||||
|
],
|
||||||
|
"Products": [
|
||||||
|
"ALT SPWorkstation",
|
||||||
|
"ALT SPServer"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"References": [
|
||||||
|
{
|
||||||
|
"RefID": "ALT-PU-2024-4059",
|
||||||
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-4059",
|
||||||
|
"Source": "ALTPU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "BDU:2020-01461",
|
||||||
|
"RefURL": "https://bdu.fstec.ru/vul/2020-01461",
|
||||||
|
"Source": "BDU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "BDU:2022-01443",
|
||||||
|
"RefURL": "https://bdu.fstec.ru/vul/2022-01443",
|
||||||
|
"Source": "BDU"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2019-19906",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19906",
|
||||||
|
"Source": "CVE"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"RefID": "CVE-2022-24407",
|
||||||
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-24407",
|
||||||
|
"Source": "CVE"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Description": "This update upgrades cyrus-sasl2 to version 2.1.28-alt1. \nSecurity Fix(es):\n\n * BDU:2020-01461: Уязвимость метода аунтефикации пользователей Cyrus SASL, связанная с записью за границами буфера памяти, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-01443: Уязвимость реализации механизма аутентификации Cyrus SASL, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю выполнить произвольный SQL-запрос\n\n * CVE-2019-19906: cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.\n\n * CVE-2022-24407: In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.\n\n * #49511: При подготовке к Usrmerge сломался sssd",
|
||||||
|
"Advisory": {
|
||||||
|
"From": "errata.altlinux.org",
|
||||||
|
"Severity": "Critical",
|
||||||
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||||||
|
"Issued": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"Updated": {
|
||||||
|
"Date": "2024-03-23"
|
||||||
|
},
|
||||||
|
"bdu": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||||||
|
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||||
|
"Cwe": "CWE-787",
|
||||||
|
"Href": "https://bdu.fstec.ru/vul/2020-01461",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20191125",
|
||||||
|
"CveID": "BDU:2020-01461"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
|
||||||
|
"Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
|
||||||
|
"Cwe": "CWE-89",
|
||||||
|
"Href": "https://bdu.fstec.ru/vul/2022-01443",
|
||||||
|
"Impact": "Critical",
|
||||||
|
"Public": "20220302",
|
||||||
|
"CveID": "BDU:2022-01443"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Cves": [
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||||
|
"Cwe": "CWE-787",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19906",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20191219",
|
||||||
|
"CveID": "CVE-2019-19906"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Cvss": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
|
||||||
|
"Cvss3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||||
|
"Cwe": "CWE-89",
|
||||||
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-24407",
|
||||||
|
"Impact": "High",
|
||||||
|
"Public": "20220224",
|
||||||
|
"CveID": "CVE-2022-24407"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Bugzilla": [
|
||||||
|
{
|
||||||
|
"Id": "49511",
|
||||||
|
"Href": "https://bugzilla.altlinux.org/49511",
|
||||||
|
"Data": "При подготовке к Usrmerge сломался sssd"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"AffectedCpeList": {
|
||||||
|
"Cpe": [
|
||||||
|
"cpe:/o:alt:spworkstation:8.4",
|
||||||
|
"cpe:/o:alt:spserver:8.4"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"Criteria": {
|
||||||
|
"Operator": "AND",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Comment": "ALT Linux must be installed"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"Criterias": [
|
||||||
|
{
|
||||||
|
"Operator": "OR",
|
||||||
|
"Criterions": [
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059001",
|
||||||
|
"Comment": "cyrus-sasl2 is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059002",
|
||||||
|
"Comment": "cyrus-sasl2-docs is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059003",
|
||||||
|
"Comment": "libsasl2-3 is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059004",
|
||||||
|
"Comment": "libsasl2-devel is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059005",
|
||||||
|
"Comment": "libsasl2-plugin-gssapi is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059006",
|
||||||
|
"Comment": "libsasl2-plugin-ldapdb is earlier than 0:2.1.28-alt1"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TestRef": "oval:org.altlinux.errata:tst:20244059007",
|
||||||
|
"Comment": "libsasl2-plugin-sql is earlier than 0:2.1.28-alt1"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
70
oval/c9f2/ALT-PU-2024-4059/objects.json
Normal file
70
oval/c9f2/ALT-PU-2024-4059/objects.json
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Objects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "Evaluate `/etc/os-release` file content",
|
||||||
|
"Path": {
|
||||||
|
"dataType": "string",
|
||||||
|
"Text": "/etc"
|
||||||
|
},
|
||||||
|
"Filepath": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Text": "os-release"
|
||||||
|
},
|
||||||
|
"Pattern": {
|
||||||
|
"Datatype": "string",
|
||||||
|
"Operation": "pattern match",
|
||||||
|
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
|
||||||
|
},
|
||||||
|
"Instance": {
|
||||||
|
"Datatype": "int",
|
||||||
|
"Text": "1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoObjects": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059001",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "cyrus-sasl2 is installed",
|
||||||
|
"Name": "cyrus-sasl2"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059002",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "cyrus-sasl2-docs is installed",
|
||||||
|
"Name": "cyrus-sasl2-docs"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059003",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsasl2-3 is installed",
|
||||||
|
"Name": "libsasl2-3"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059004",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsasl2-devel is installed",
|
||||||
|
"Name": "libsasl2-devel"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059005",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsasl2-plugin-gssapi is installed",
|
||||||
|
"Name": "libsasl2-plugin-gssapi"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059006",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsasl2-plugin-ldapdb is installed",
|
||||||
|
"Name": "libsasl2-plugin-ldapdb"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:obj:20244059007",
|
||||||
|
"Version": "1",
|
||||||
|
"comment": "libsasl2-plugin-sql is installed",
|
||||||
|
"Name": "libsasl2-plugin-sql"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
23
oval/c9f2/ALT-PU-2024-4059/states.json
Normal file
23
oval/c9f2/ALT-PU-2024-4059/states.json
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54State": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Text": {}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RpmInfoState": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:ste:20244059001",
|
||||||
|
"Version": "1",
|
||||||
|
"Comment": "package EVR is earlier than 0:2.1.28-alt1",
|
||||||
|
"Arch": {},
|
||||||
|
"Evr": {
|
||||||
|
"Text": "0:2.1.28-alt1",
|
||||||
|
"Datatype": "evr_string",
|
||||||
|
"Operation": "less than"
|
||||||
|
},
|
||||||
|
"Subexpression": {}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
102
oval/c9f2/ALT-PU-2024-4059/tests.json
Normal file
102
oval/c9f2/ALT-PU-2024-4059/tests.json
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
{
|
||||||
|
"TextFileContent54Tests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:3001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:3001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"RPMInfoTests": [
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059001",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "cyrus-sasl2 is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059001"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059002",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "cyrus-sasl2-docs is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059002"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059003",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsasl2-3 is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059003"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059004",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsasl2-devel is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059004"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059005",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsasl2-plugin-gssapi is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059005"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059006",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsasl2-plugin-ldapdb is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059006"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"ID": "oval:org.altlinux.errata:tst:20244059007",
|
||||||
|
"Version": "1",
|
||||||
|
"Check": "all",
|
||||||
|
"Comment": "libsasl2-plugin-sql is earlier than 0:2.1.28-alt1",
|
||||||
|
"Object": {
|
||||||
|
"ObjectRef": "oval:org.altlinux.errata:obj:20244059007"
|
||||||
|
},
|
||||||
|
"State": {
|
||||||
|
"StateRef": "oval:org.altlinux.errata:ste:20244059001"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user