ALT Vulnerability

oval/c10f2/ALT-PU-2024-6631/definitions.json

@@ -0,0 +1,121 @@
+{
+  "Definition": [
+    {
+      "ID": "oval:org.altlinux.errata:def:20246631",
+      "Version": "oval:org.altlinux.errata:def:20246631",
+      "Class": "patch",
+      "Metadata": {
+        "Title": "ALT-PU-2024-6631: package `guacamole` update to version 1.5.4-alt1",
+        "AffectedList": [
+          {
+            "Family": "unix",
+            "Platforms": [
+              "ALT Linux branch c10f2"
+            ]
+          }
+        ],
+        "References": [
+          {
+            "RefID": "ALT-PU-2024-6631",
+            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-6631",
+            "Source": "ALTPU"
+          },
+          {
+            "RefID": "CVE-2023-43826",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-43826",
+            "Source": "CVE"
+          }
+        ],
+        "Description": "This update upgrades guacamole to version 1.5.4-alt1. \nSecurity Fix(es):\n\n * CVE-2023-43826: Apache Guacamole 1.5.3 and older do not consistently ensure that values received from a VNC server will not result in integer overflow. If a user connects to a malicious or compromised VNC server, specially-crafted data could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process.\n\nUsers are recommended to upgrade to version 1.5.4, which fixes this issue.\n\n",
+        "Advisory": {
+          "From": "errata.altlinux.org",
+          "Severity": "High",
+          "Rights": "Copyright 2024 BaseALT Ltd.",
+          "Issued": {
+            "Date": "2024-04-17"
+          },
+          "Updated": {
+            "Date": "2024-04-17"
+          },
+          "BDUs": null,
+          "CVEs": [
+            {
+              "ID": "CVE-2023-43826",
+              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+              "CWE": "CWE-190",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-43826",
+              "Impact": "High",
+              "Public": "20231219"
+            }
+          ],
+          "AffectedCPEs": {
+            "CPEs": [
+              "cpe:/o:alt:spworkstation:10",
+              "cpe:/o:alt:spserver:10"
+            ]
+          }
+        }
+      },
+      "Criteria": {
+        "Operator": "AND",
+        "Criterions": [
+          {
+            "TestRef": "oval:org.altlinux.errata:tst:5001",
+            "Comment": "ALT Linux must be installed"
+          }
+        ],
+        "Criterias": [
+          {
+            "Operator": "OR",
+            "Criterions": [
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631001",
+                "Comment": "guacamole-auth-duo is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631002",
+                "Comment": "guacamole-auth-header is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631003",
+                "Comment": "guacamole-auth-jdbc-mysql is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631004",
+                "Comment": "guacamole-auth-jdbc-postgresql is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631005",
+                "Comment": "guacamole-auth-jdbc-sqlserver is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631006",
+                "Comment": "guacamole-auth-json is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631007",
+                "Comment": "guacamole-auth-ldap is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631008",
+                "Comment": "guacamole-auth-quickconnect is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631009",
+                "Comment": "guacamole-auth-sso is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631010",
+                "Comment": "guacamole-auth-totp is earlier than 0:1.5.4-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20246631011",
+                "Comment": "guacamole-client is earlier than 0:1.5.4-alt1"
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-6631/objects.json

@@ -0,0 +1,94 @@
+{
+  "TextFileContent54Objects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:5001",
+      "Version": "1",
+      "Comment": "Evaluate `/etc/os-release` file content",
+      "Path": {
+        "Datatype": "string",
+        "Text": "/etc"
+      },
+      "Filepath": {
+        "Datatype": "string",
+        "Text": "os-release"
+      },
+      "Pattern": {
+        "Datatype": "string",
+        "Operation": "pattern match",
+        "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
+      },
+      "Instance": {
+        "Datatype": "int",
+        "Text": "1"
+      }
+    }
+  ],
+  "RPMInfoObjects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631001",
+      "Version": "1",
+      "Comment": "guacamole-auth-duo is installed",
+      "Name": "guacamole-auth-duo"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631002",
+      "Version": "1",
+      "Comment": "guacamole-auth-header is installed",
+      "Name": "guacamole-auth-header"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631003",
+      "Version": "1",
+      "Comment": "guacamole-auth-jdbc-mysql is installed",
+      "Name": "guacamole-auth-jdbc-mysql"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631004",
+      "Version": "1",
+      "Comment": "guacamole-auth-jdbc-postgresql is installed",
+      "Name": "guacamole-auth-jdbc-postgresql"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631005",
+      "Version": "1",
+      "Comment": "guacamole-auth-jdbc-sqlserver is installed",
+      "Name": "guacamole-auth-jdbc-sqlserver"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631006",
+      "Version": "1",
+      "Comment": "guacamole-auth-json is installed",
+      "Name": "guacamole-auth-json"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631007",
+      "Version": "1",
+      "Comment": "guacamole-auth-ldap is installed",
+      "Name": "guacamole-auth-ldap"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631008",
+      "Version": "1",
+      "Comment": "guacamole-auth-quickconnect is installed",
+      "Name": "guacamole-auth-quickconnect"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631009",
+      "Version": "1",
+      "Comment": "guacamole-auth-sso is installed",
+      "Name": "guacamole-auth-sso"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631010",
+      "Version": "1",
+      "Comment": "guacamole-auth-totp is installed",
+      "Name": "guacamole-auth-totp"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20246631011",
+      "Version": "1",
+      "Comment": "guacamole-client is installed",
+      "Name": "guacamole-client"
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-6631/states.json

@@ -0,0 +1,23 @@
+{
+  "TextFileContent54State": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:5001",
+      "Version": "1",
+      "Text": {}
+    }
+  ],
+  "RPMInfoStates": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:20246631001",
+      "Version": "1",
+      "Comment": "package EVR is earlier than 0:1.5.4-alt1",
+      "Arch": {},
+      "EVR": {
+        "Text": "0:1.5.4-alt1",
+        "Datatype": "evr_string",
+        "Operation": "less than"
+      },
+      "Subexpression": {}
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-6631/tests.json

@@ -0,0 +1,150 @@
+{
+  "TextFileContent54Tests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:5001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "ALT Linux based on branch 'c10f2' must be installed",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:5001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:5001"
+      }
+    }
+  ],
+  "RPMInfoTests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-duo is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631002",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-header is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631002"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631003",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-jdbc-mysql is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631003"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631004",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-jdbc-postgresql is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631004"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631005",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-jdbc-sqlserver is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631005"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631006",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-json is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631006"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631007",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-ldap is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631007"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631008",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-quickconnect is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631008"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631009",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-sso is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631009"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631010",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-auth-totp is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631010"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20246631011",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "guacamole-client is earlier than 0:1.5.4-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20246631011"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20246631001"
+      }
+    }
+  ]
+}