pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-11-15 03:05:58 +00:00
parent 47e32656c0
commit 84d8370cab
40 changed files with 3909 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

194
oval/c10f1/ALT-PU-2024-14880/definitions.json Normal file
View File

@ -0,0 +1,194 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414880",
"Version": "oval:org.altlinux.errata:def:202414880",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14880: package `curl` update to version 8.10.0-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14880",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14880",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-05923",
"RefURL": "https://bdu.fstec.ru/vul/2024-05923",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06023",
"RefURL": "https://bdu.fstec.ru/vul/2024-06023",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06024",
"RefURL": "https://bdu.fstec.ru/vul/2024-06024",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07774",
"RefURL": "https://bdu.fstec.ru/vul/2024-07774",
"Source": "BDU"
},
{
"RefID": "CVE-2024-6197",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6874",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874",
"Source": "CVE"
},
{
"RefID": "CVE-2024-7264",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
"Source": "CVE"
},
{
"RefID": "CVE-2024-8096",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096",
"Source": "CVE"
}
],
"Description": "This update upgrades curl to version 8.10.0-alt1. \nSecurity Fix(es):\n\n * BDU:2024-05923: Уязвимость функции GTime2str парсера ASN1 Parser библиотеки libcurl, позволяющая нарушителю вызвать октаз в обслуживании\n\n * BDU:2024-06023: Уязвимость функции utf8asn1str() парсера ASN1 утилиты командной строки cURL, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании\n\n * BDU:2024-06024: Уязвимость функции curl_url_get() утилиты командной строки cURL, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-07774: Уязвимость программного средства для взаимодействия с серверами curl, связанная c неправильной проверкой сертификата, позволяющая нарушителю оказывать влияние на целостность системы.\n\n * CVE-2024-6197: libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort. Some however accept the input pointer and add that memory to its list of available chunks. This leads to the overwriting of nearby stack memory. The content of the overwrite is decided by the `free()` implementation; likely to be memory pointers and a set of flags. The most likely outcome of exploting this flaw is a crash, although it cannot be ruled out that more serious results can be had in special circumstances.\n\n * CVE-2024-6874: libcurl's URL API function\n[curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers punycode\nconversions, to and from IDN. Asking to convert a name that is exactly 256\nbytes, libcurl ends up reading outside of a stack based buffer when built to\nuse the *macidn* IDN backend. The conversion function then fills up the\nprovided buffer exactly - but does not null terminate the string.\n\nThis flaw can lead to stack contents accidently getting returned as part of\nthe converted string.\n\n * CVE-2024-7264: libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.\n\n * CVE-2024-8096: When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.\n\n * #49883: curl --fail возвращает код ошибки 56 вместо 22",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": [
{
"ID": "BDU:2024-05923",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"CWE": "CWE-125",
"Href": "https://bdu.fstec.ru/vul/2024-05923",
"Impact": "Low",
"Public": "20240731"
},
{
"ID": "BDU:2024-06023",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-590",
"Href": "https://bdu.fstec.ru/vul/2024-06023",
"Impact": "High",
"Public": "20240619"
},
{
"ID": "BDU:2024-06024",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-126",
"Href": "https://bdu.fstec.ru/vul/2024-06024",
"Impact": "Low",
"Public": "20240417"
},
{
"ID": "BDU:2024-07774",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-295",
"Href": "https://bdu.fstec.ru/vul/2024-07774",
"Impact": "Low",
"Public": "20240911"
}
],
"CVEs": [
{
"ID": "CVE-2024-6197",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6197",
"Impact": "High",
"Public": "20240724"
},
{
"ID": "CVE-2024-6874",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6874",
"Impact": "Low",
"Public": "20240724"
},
{
"ID": "CVE-2024-7264",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
"Impact": "Low",
"Public": "20240731"
},
{
"ID": "CVE-2024-8096",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-8096",
"Impact": "None",
"Public": "20240911"
}
],
"Bugzilla": [
{
"ID": "49883",
"Href": "https://bugzilla.altlinux.org/49883",
"Data": "curl --fail возвращает код ошибки 56 вместо 22"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414880001",
"Comment": "curl is earlier than 0:8.10.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414880002",
"Comment": "libcurl is earlier than 0:8.10.0-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414880003",
"Comment": "libcurl-devel is earlier than 0:8.10.0-alt1"
}
]
}
]
}
}
]
}

46
oval/c10f1/ALT-PU-2024-14880/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414880001",
"Version": "1",
"Comment": "curl is installed",
"Name": "curl"
},
{
"ID": "oval:org.altlinux.errata:obj:202414880002",
"Version": "1",
"Comment": "libcurl is installed",
"Name": "libcurl"
},
{
"ID": "oval:org.altlinux.errata:obj:202414880003",
"Version": "1",
"Comment": "libcurl-devel is installed",
"Name": "libcurl-devel"
}
]
}

23
oval/c10f1/ALT-PU-2024-14880/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414880001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.10.0-alt1",
"Arch": {},
"EVR": {
"Text": "0:8.10.0-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c10f1/ALT-PU-2024-14880/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414880001",
"Version": "1",
"Check": "all",
"Comment": "curl is earlier than 0:8.10.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414880001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414880001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414880002",
"Version": "1",
"Check": "all",
"Comment": "libcurl is earlier than 0:8.10.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414880002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414880001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414880003",
"Version": "1",
"Check": "all",
"Comment": "libcurl-devel is earlier than 0:8.10.0-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414880003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414880001"
}
}
]
}

109
oval/c10f1/ALT-PU-2024-15023/definitions.json Normal file
View File

@ -0,0 +1,109 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415023",
"Version": "oval:org.altlinux.errata:def:202415023",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15023: package `cmake` update to version 3.23.2-alt3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15023",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15023",
"Source": "ALTPU"
}
],
"Description": "This update upgrades cmake to version 3.23.2-alt3. \nSecurity Fix(es):\n\n * #45833: добавить макрос для ctest",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "45833",
"Href": "https://bugzilla.altlinux.org/45833",
"Data": "добавить макрос для ctest"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415023001",
"Comment": "bash-completion-cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023002",
"Comment": "ccmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023003",
"Comment": "cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023004",
"Comment": "cmake-doc is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023005",
"Comment": "cmake-gui is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023006",
"Comment": "cmake-modules is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023007",
"Comment": "ctest is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023008",
"Comment": "rpm-macros-cmake is earlier than 0:3.23.2-alt3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415023009",
"Comment": "vim-plugin-cmake is earlier than 0:3.23.2-alt3"
}
]
}
]
}
}
]
}

82
oval/c10f1/ALT-PU-2024-15023/objects.json Normal file
View File

@ -0,0 +1,82 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415023001",
"Version": "1",
"Comment": "bash-completion-cmake is installed",
"Name": "bash-completion-cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023002",
"Version": "1",
"Comment": "ccmake is installed",
"Name": "ccmake"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023003",
"Version": "1",
"Comment": "cmake is installed",
"Name": "cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023004",
"Version": "1",
"Comment": "cmake-doc is installed",
"Name": "cmake-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023005",
"Version": "1",
"Comment": "cmake-gui is installed",
"Name": "cmake-gui"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023006",
"Version": "1",
"Comment": "cmake-modules is installed",
"Name": "cmake-modules"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023007",
"Version": "1",
"Comment": "ctest is installed",
"Name": "ctest"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023008",
"Version": "1",
"Comment": "rpm-macros-cmake is installed",
"Name": "rpm-macros-cmake"
},
{
"ID": "oval:org.altlinux.errata:obj:202415023009",
"Version": "1",
"Comment": "vim-plugin-cmake is installed",
"Name": "vim-plugin-cmake"
}
]
}

23
oval/c10f1/ALT-PU-2024-15023/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415023001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.23.2-alt3",
"Arch": {},
"EVR": {
"Text": "0:3.23.2-alt3",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

126
oval/c10f1/ALT-PU-2024-15023/tests.json Normal file
View File

@ -0,0 +1,126 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415023001",
"Version": "1",
"Check": "all",
"Comment": "bash-completion-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023002",
"Version": "1",
"Check": "all",
"Comment": "ccmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023003",
"Version": "1",
"Check": "all",
"Comment": "cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023004",
"Version": "1",
"Check": "all",
"Comment": "cmake-doc is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023005",
"Version": "1",
"Check": "all",
"Comment": "cmake-gui is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023006",
"Version": "1",
"Check": "all",
"Comment": "cmake-modules is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023007",
"Version": "1",
"Check": "all",
"Comment": "ctest is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023008",
"Version": "1",
"Check": "all",
"Comment": "rpm-macros-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415023009",
"Version": "1",
"Check": "all",
"Comment": "vim-plugin-cmake is earlier than 0:3.23.2-alt3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415023009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415023001"
}
}
]
}

118
oval/c10f1/ALT-PU-2024-15498/definitions.json Normal file
View File

@ -0,0 +1,118 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415498",
"Version": "oval:org.altlinux.errata:def:202415498",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15498: package `consul` update to version 1.20.1-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15498",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15498",
"Source": "ALTPU"
},
{
"RefID": "CVE-2024-10005",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10006",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10086",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10086",
"Source": "CVE"
}
],
"Description": "This update upgrades consul to version 1.20.1-alt1. \nSecurity Fix(es):\n\n * CVE-2024-10005: A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules.\n\n * CVE-2024-10006: A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules.\n\n * CVE-2024-10086: A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS.\n\n * #44495: Не запускается контейнер без root",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2024-10005",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"CWE": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005",
"Impact": "Low",
"Public": "20241030"
},
{
"ID": "CVE-2024-10006",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"CWE": "CWE-116",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006",
"Impact": "Low",
"Public": "20241030"
},
{
"ID": "CVE-2024-10086",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10086",
"Impact": "Low",
"Public": "20241030"
}
],
"Bugzilla": [
{
"ID": "44495",
"Href": "https://bugzilla.altlinux.org/44495",
"Data": "Не запускается контейнер без root"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415498001",
"Comment": "consul is earlier than 0:1.20.1-alt1"
}
]
}
]
}
}
]
}

34
oval/c10f1/ALT-PU-2024-15498/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415498001",
"Version": "1",
"Comment": "consul is installed",
"Name": "consul"
}
]
}

23
oval/c10f1/ALT-PU-2024-15498/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415498001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.1-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.20.1-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c10f1/ALT-PU-2024-15498/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415498001",
"Version": "1",
"Check": "all",
"Comment": "consul is earlier than 0:1.20.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415498001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415498001"
}
}
]
}

270
oval/c10f1/ALT-PU-2024-15509/definitions.json Normal file
View File

@ -0,0 +1,270 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415509",
"Version": "oval:org.altlinux.errata:def:202415509",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15509: package `mbedtls` update to version 3.6.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15509",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15509",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-06434",
"RefURL": "https://bdu.fstec.ru/vul/2023-06434",
"Source": "BDU"
},
{
"RefID": "BDU:2023-06575",
"RefURL": "https://bdu.fstec.ru/vul/2023-06575",
"Source": "BDU"
},
{
"RefID": "BDU:2024-01340",
"RefURL": "https://bdu.fstec.ru/vul/2024-01340",
"Source": "BDU"
},
{
"RefID": "BDU:2024-01341",
"RefURL": "https://bdu.fstec.ru/vul/2024-01341",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07428",
"RefURL": "https://bdu.fstec.ru/vul/2024-07428",
"Source": "BDU"
},
{
"RefID": "CVE-2023-43615",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-43615",
"Source": "CVE"
},
{
"RefID": "CVE-2023-45199",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-45199",
"Source": "CVE"
},
{
"RefID": "CVE-2023-52353",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-52353",
"Source": "CVE"
},
{
"RefID": "CVE-2024-23170",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-23170",
"Source": "CVE"
},
{
"RefID": "CVE-2024-23744",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-23744",
"Source": "CVE"
},
{
"RefID": "CVE-2024-23775",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-23775",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45157",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45157",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45159",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45159",
"Source": "CVE"
}
],
"Description": "This update upgrades mbedtls to version 3.6.2-alt1. \nSecurity Fix(es):\n\n * BDU:2023-06434: Уязвимость реализации протоколов TLS и SSL программного обеспечения Mbed TLS, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-06575: Уязвимость программного обеспечения Mbed TLS, связанная с ошибками при обработке шифрования в соединениях (D)TLS, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-01340: Уязвимость программного обеспечения Mbed TLS, существующая из-за временного бокового канала в частных операциях RSA, позволяющая нарушителю реализовать атаку Марвина (Marvin) и получить доступ к конфиденциальной информации\n\n * BDU:2024-01341: Уязвимость функции mbedtls_x509_set_extension программного обеспечения Mbed TLS, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-07428: Уязвимость программного обеспечения Mbed TLS, связанная с использованием неисправного или рискованного криптографического алгоритма, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2023-43615: Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.\n\n * CVE-2023-45199: Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.\n\n * CVE-2023-52353: An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.\n\n * CVE-2024-23170: An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in \"Everlasting ROBOT: the Marvin Attack\" by Hubert Kario.\n\n * CVE-2024-23744: An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.\n\n * CVE-2024-23775: Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().\n\n * CVE-2024-45157: An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.\n\n * CVE-2024-45159: An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert).\n\n * #47976: Недоступный сайт, указанный в URL пакета",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": [
{
"ID": "BDU:2023-06434",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-120",
"Href": "https://bdu.fstec.ru/vul/2023-06434",
"Impact": "Critical",
"Public": "20231006"
},
{
"ID": "BDU:2023-06575",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-120",
"Href": "https://bdu.fstec.ru/vul/2023-06575",
"Impact": "Critical",
"Public": "20231005"
},
{
"ID": "BDU:2024-01340",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-200, CWE-203, CWE-208",
"Href": "https://bdu.fstec.ru/vul/2024-01340",
"Impact": "Low",
"Public": "20240110"
},
{
"ID": "BDU:2024-01341",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-189, CWE-190",
"Href": "https://bdu.fstec.ru/vul/2024-01341",
"Impact": "High",
"Public": "20240109"
},
{
"ID": "BDU:2024-07428",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:N/A:N",
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-327",
"Href": "https://bdu.fstec.ru/vul/2024-07428",
"Impact": "Low",
"Public": "20240905"
}
],
"CVEs": [
{
"ID": "CVE-2023-43615",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-43615",
"Impact": "High",
"Public": "20231007"
},
{
"ID": "CVE-2023-45199",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-45199",
"Impact": "Critical",
"Public": "20231007"
},
{
"ID": "CVE-2023-52353",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-384",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-52353",
"Impact": "High",
"Public": "20240121"
},
{
"ID": "CVE-2024-23170",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-203",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-23170",
"Impact": "Low",
"Public": "20240131"
},
{
"ID": "CVE-2024-23744",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-23744",
"Impact": "High",
"Public": "20240121"
},
{
"ID": "CVE-2024-23775",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-23775",
"Impact": "High",
"Public": "20240131"
},
{
"ID": "CVE-2024-45157",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45157",
"Impact": "Low",
"Public": "20240905"
},
{
"ID": "CVE-2024-45159",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-295",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45159",
"Impact": "Critical",
"Public": "20240905"
}
],
"Bugzilla": [
{
"ID": "47976",
"Href": "https://bugzilla.altlinux.org/47976",
"Data": "Недоступный сайт, указанный в URL пакета"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415509001",
"Comment": "libmbedcrypto16 is earlier than 0:3.6.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415509002",
"Comment": "libmbedtls-devel is earlier than 0:3.6.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415509003",
"Comment": "libmbedtls21 is earlier than 0:3.6.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415509004",
"Comment": "libmbedx509-7 is earlier than 0:3.6.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415509005",
"Comment": "mbedtls-utils is earlier than 0:3.6.2-alt1"
}
]
}
]
}
}
]
}

58
oval/c10f1/ALT-PU-2024-15509/objects.json Normal file
View File

@ -0,0 +1,58 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415509001",
"Version": "1",
"Comment": "libmbedcrypto16 is installed",
"Name": "libmbedcrypto16"
},
{
"ID": "oval:org.altlinux.errata:obj:202415509002",
"Version": "1",
"Comment": "libmbedtls-devel is installed",
"Name": "libmbedtls-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202415509003",
"Version": "1",
"Comment": "libmbedtls21 is installed",
"Name": "libmbedtls21"
},
{
"ID": "oval:org.altlinux.errata:obj:202415509004",
"Version": "1",
"Comment": "libmbedx509-7 is installed",
"Name": "libmbedx509-7"
},
{
"ID": "oval:org.altlinux.errata:obj:202415509005",
"Version": "1",
"Comment": "mbedtls-utils is installed",
"Name": "mbedtls-utils"
}
]
}

23
oval/c10f1/ALT-PU-2024-15509/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415509001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.6.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:3.6.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

78
oval/c10f1/ALT-PU-2024-15509/tests.json Normal file
View File

@ -0,0 +1,78 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415509001",
"Version": "1",
"Check": "all",
"Comment": "libmbedcrypto16 is earlier than 0:3.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415509001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415509001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415509002",
"Version": "1",
"Check": "all",
"Comment": "libmbedtls-devel is earlier than 0:3.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415509002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415509001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415509003",
"Version": "1",
"Check": "all",
"Comment": "libmbedtls21 is earlier than 0:3.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415509003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415509001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415509004",
"Version": "1",
"Check": "all",
"Comment": "libmbedx509-7 is earlier than 0:3.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415509004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415509001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415509005",
"Version": "1",
"Check": "all",
"Comment": "mbedtls-utils is earlier than 0:3.6.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415509005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415509001"
}
}
]
}

94
oval/c9f2/ALT-PU-2024-15083/definitions.json Normal file
View File

@ -0,0 +1,94 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415083",
"Version": "oval:org.altlinux.errata:def:202415083",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15083: package `rpm-build-vm` update to version 1.74-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15083",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15083",
"Source": "ALTPU"
}
],
"Description": "This update upgrades rpm-build-vm to version 1.74-alt1. \nSecurity Fix(es):\n\n * #44337: Не определено значение MAXCPU для платформы x86_64\n\n * #47599: \"expected to fail\" tests fail on unsupported architecture",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "44337",
"Href": "https://bugzilla.altlinux.org/44337",
"Data": "Не определено значение MAXCPU для платформы x86_64"
},
{
"ID": "47599",
"Href": "https://bugzilla.altlinux.org/47599",
"Data": "\"expected to fail\" tests fail on unsupported architecture"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415083001",
"Comment": "rpm-build-vm is earlier than 0:1.74-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415083002",
"Comment": "rpm-build-vm-checkinstall is earlier than 0:1.74-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415083003",
"Comment": "rpm-build-vm-createimage is earlier than 0:1.74-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415083004",
"Comment": "rpm-build-vm-run is earlier than 0:1.74-alt1"
}
]
}
]
}
}
]
}

52
oval/c9f2/ALT-PU-2024-15083/objects.json Normal file
View File

@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415083001",
"Version": "1",
"Comment": "rpm-build-vm is installed",
"Name": "rpm-build-vm"
},
{
"ID": "oval:org.altlinux.errata:obj:202415083002",
"Version": "1",
"Comment": "rpm-build-vm-checkinstall is installed",
"Name": "rpm-build-vm-checkinstall"
},
{
"ID": "oval:org.altlinux.errata:obj:202415083003",
"Version": "1",
"Comment": "rpm-build-vm-createimage is installed",
"Name": "rpm-build-vm-createimage"
},
{
"ID": "oval:org.altlinux.errata:obj:202415083004",
"Version": "1",
"Comment": "rpm-build-vm-run is installed",
"Name": "rpm-build-vm-run"
}
]
}

23
oval/c9f2/ALT-PU-2024-15083/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415083001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.74-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.74-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

66
oval/c9f2/ALT-PU-2024-15083/tests.json Normal file
View File

@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415083001",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vm is earlier than 0:1.74-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415083001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415083001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415083002",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vm-checkinstall is earlier than 0:1.74-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415083002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415083001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415083003",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vm-createimage is earlier than 0:1.74-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415083003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415083001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415083004",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vm-run is earlier than 0:1.74-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415083004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415083001"
}
}
]
}

89
oval/c9f2/ALT-PU-2024-15493/definitions.json Normal file
View File

@ -0,0 +1,89 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415493",
"Version": "oval:org.altlinux.errata:def:202415493",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15493: package `libzen` update to version 0.4.41-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15493",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15493",
"Source": "ALTPU"
},
{
"RefID": "CVE-2020-36646",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-36646",
"Source": "CVE"
}
],
"Description": "This update upgrades libzen to version 0.4.41-alt1. \nSecurity Fix(es):\n\n * CVE-2020-36646: A vulnerability classified as problematic has been found in MediaArea ZenLib up to 0.4.38. This affects the function Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp. The manipulation of the argument Value leads to unchecked return value to null pointer dereference. Upgrading to version 0.4.39 is able to address this issue. The identifier of the patch is 6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408. It is recommended to upgrade the affected component. The identifier VDB-217629 was assigned to this vulnerability.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2020-36646",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-36646",
"Impact": "High",
"Public": "20230107"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415493001",
"Comment": "libzen is earlier than 0:0.4.41-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415493002",
"Comment": "libzen-devel is earlier than 0:0.4.41-alt1"
}
]
}
]
}
}
]
}

40
oval/c9f2/ALT-PU-2024-15493/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415493001",
"Version": "1",
"Comment": "libzen is installed",
"Name": "libzen"
},
{
"ID": "oval:org.altlinux.errata:obj:202415493002",
"Version": "1",
"Comment": "libzen-devel is installed",
"Name": "libzen-devel"
}
]
}

23
oval/c9f2/ALT-PU-2024-15493/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415493001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.4.41-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.4.41-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c9f2/ALT-PU-2024-15493/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415493001",
"Version": "1",
"Check": "all",
"Comment": "libzen is earlier than 0:0.4.41-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415493001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415493001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415493002",
"Version": "1",
"Check": "all",
"Comment": "libzen-devel is earlier than 0:0.4.41-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415493002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415493001"
}
}
]
}

287
oval/p10/ALT-PU-2024-14937/definitions.json Normal file
View File

@ -0,0 +1,287 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202414937",
"Version": "oval:org.altlinux.errata:def:202414937",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-14937: package `LibreOffice-still` update to version 24.2.6.2-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-14937",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-14937",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-04136",
"RefURL": "https://bdu.fstec.ru/vul/2024-04136",
"Source": "BDU"
},
{
"RefID": "BDU:2024-04913",
"RefURL": "https://bdu.fstec.ru/vul/2024-04913",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06443",
"RefURL": "https://bdu.fstec.ru/vul/2024-06443",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07260",
"RefURL": "https://bdu.fstec.ru/vul/2024-07260",
"Source": "BDU"
},
{
"RefID": "CVE-2024-3044",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-3044",
"Source": "CVE"
},
{
"RefID": "CVE-2024-5261",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-5261",
"Source": "CVE"
},
{
"RefID": "CVE-2024-6472",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6472",
"Source": "CVE"
},
{
"RefID": "CVE-2024-7788",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7788",
"Source": "CVE"
}
],
"Description": "This update upgrades LibreOffice-still to version 24.2.6.2-alt0.p10.1. \nSecurity Fix(es):\n\n * BDU:2024-04136: Уязвимость пакета офисных программ LibreOffice, связанная с возможностью внедрения кода или данных, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-04913: Уязвимость компонента LibreOfficeKit пакета офисных программ LibreOffice, позволяющая уязвимости может позволить нарушителю выполнить произвольный код\n\n * BDU:2024-06443: Уязвимость пользовательского интерфейса проверки сертификата пакета офисных программ LibreOffice, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-07260: Уязвимость пакета офисных программ LibreOffice, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю создать специально сформированный документ, который после восстановления сообщал о действительном статусе электронной подписи\n\n * CVE-2024-3044: Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.\n\n * CVE-2024-5261: Improper Certificate Validation vulnerability in LibreOffice \"LibreOfficeKit\" mode disables TLS certification verification\n\nLibreOfficeKit can be used for accessing LibreOffice functionality \nthrough C/C++. Typically this is used by third party components to reuse\n LibreOffice as a library to convert, view or otherwise interact with \ndocuments.\n\nLibreOffice internally makes use of \"curl\" to fetch remote resources such as images hosted on webservers.\n\nIn\n affected versions of LibreOffice, when used in LibreOfficeKit mode \nonly, then curl's TLS certification verification was disabled \n(CURLOPT_SSL_VERIFYPEER of false)\n\nIn the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true.\n\nThis issue affects LibreOffice before version 24.2.4.\n\n * CVE-2024-6472: Certificate Validation user interface in LibreOffice allows potential vulnerability.\n\n\n\n\nSigned macros are scripts that have been digitally signed by the \ndeveloper using a cryptographic signature. When a document with a signed\n macro is opened a warning is displayed by LibreOffice before the macro \nis executed.\n\nPreviously if verification failed the user could fail to understand the failure and choose to enable the macros anyway.\n\n\nThis issue affects LibreOffice: from 24.2 before 24.2.5.\n\n * CVE-2024-7788: Improper Digital Signature Invalidation  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before \u003c 24.2.5.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": [
{
"ID": "BDU:2024-04136",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2024-04136",
"Impact": "High",
"Public": "20240514"
},
{
"ID": "BDU:2024-04913",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-295",
"Href": "https://bdu.fstec.ru/vul/2024-04913",
"Impact": "Critical",
"Public": "20240625"
},
{
"ID": "BDU:2024-06443",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-295",
"Href": "https://bdu.fstec.ru/vul/2024-06443",
"Impact": "High",
"Public": "20240805"
},
{
"ID": "BDU:2024-07260",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-347",
"Href": "https://bdu.fstec.ru/vul/2024-07260",
"Impact": "High",
"Public": "20240917"
}
],
"CVEs": [
{
"ID": "CVE-2024-3044",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-3044",
"Impact": "None",
"Public": "20240514"
},
{
"ID": "CVE-2024-5261",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-5261",
"Impact": "None",
"Public": "20240625"
},
{
"ID": "CVE-2024-6472",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6472",
"Impact": "None",
"Public": "20240805"
},
{
"ID": "CVE-2024-7788",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-347",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7788",
"Impact": "High",
"Public": "20240917"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202414937001",
"Comment": "LibreOffice-still is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937002",
"Comment": "LibreOffice-still-common is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937003",
"Comment": "LibreOffice-still-extensions is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937004",
"Comment": "LibreOffice-still-gtk3 is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937005",
"Comment": "LibreOffice-still-integrated is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937006",
"Comment": "LibreOffice-still-kde5 is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937007",
"Comment": "LibreOffice-still-langpack-be is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937008",
"Comment": "LibreOffice-still-langpack-de is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937009",
"Comment": "LibreOffice-still-langpack-el is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937010",
"Comment": "LibreOffice-still-langpack-es is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937011",
"Comment": "LibreOffice-still-langpack-fr is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937012",
"Comment": "LibreOffice-still-langpack-kk is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937013",
"Comment": "LibreOffice-still-langpack-ky is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937014",
"Comment": "LibreOffice-still-langpack-pt-BR is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937015",
"Comment": "LibreOffice-still-langpack-ru is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937016",
"Comment": "LibreOffice-still-langpack-tt is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937017",
"Comment": "LibreOffice-still-langpack-uk is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937018",
"Comment": "LibreOffice-still-langpack-uz is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937019",
"Comment": "LibreOffice-still-mimetypes is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937020",
"Comment": "LibreOffice-still-qt5 is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937021",
"Comment": "LibreOffice-still-sdk is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937022",
"Comment": "libreofficekit-still is earlier than 0:24.2.6.2-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202414937023",
"Comment": "libreofficekit-still-devel is earlier than 0:24.2.6.2-alt0.p10.1"
}
]
}
]
}
}
]
}

166
oval/p10/ALT-PU-2024-14937/objects.json Normal file
View File

@ -0,0 +1,166 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202414937001",
"Version": "1",
"Comment": "LibreOffice-still is installed",
"Name": "LibreOffice-still"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937002",
"Version": "1",
"Comment": "LibreOffice-still-common is installed",
"Name": "LibreOffice-still-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937003",
"Version": "1",
"Comment": "LibreOffice-still-extensions is installed",
"Name": "LibreOffice-still-extensions"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937004",
"Version": "1",
"Comment": "LibreOffice-still-gtk3 is installed",
"Name": "LibreOffice-still-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937005",
"Version": "1",
"Comment": "LibreOffice-still-integrated is installed",
"Name": "LibreOffice-still-integrated"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937006",
"Version": "1",
"Comment": "LibreOffice-still-kde5 is installed",
"Name": "LibreOffice-still-kde5"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937007",
"Version": "1",
"Comment": "LibreOffice-still-langpack-be is installed",
"Name": "LibreOffice-still-langpack-be"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937008",
"Version": "1",
"Comment": "LibreOffice-still-langpack-de is installed",
"Name": "LibreOffice-still-langpack-de"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937009",
"Version": "1",
"Comment": "LibreOffice-still-langpack-el is installed",
"Name": "LibreOffice-still-langpack-el"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937010",
"Version": "1",
"Comment": "LibreOffice-still-langpack-es is installed",
"Name": "LibreOffice-still-langpack-es"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937011",
"Version": "1",
"Comment": "LibreOffice-still-langpack-fr is installed",
"Name": "LibreOffice-still-langpack-fr"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937012",
"Version": "1",
"Comment": "LibreOffice-still-langpack-kk is installed",
"Name": "LibreOffice-still-langpack-kk"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937013",
"Version": "1",
"Comment": "LibreOffice-still-langpack-ky is installed",
"Name": "LibreOffice-still-langpack-ky"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937014",
"Version": "1",
"Comment": "LibreOffice-still-langpack-pt-BR is installed",
"Name": "LibreOffice-still-langpack-pt-BR"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937015",
"Version": "1",
"Comment": "LibreOffice-still-langpack-ru is installed",
"Name": "LibreOffice-still-langpack-ru"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937016",
"Version": "1",
"Comment": "LibreOffice-still-langpack-tt is installed",
"Name": "LibreOffice-still-langpack-tt"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937017",
"Version": "1",
"Comment": "LibreOffice-still-langpack-uk is installed",
"Name": "LibreOffice-still-langpack-uk"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937018",
"Version": "1",
"Comment": "LibreOffice-still-langpack-uz is installed",
"Name": "LibreOffice-still-langpack-uz"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937019",
"Version": "1",
"Comment": "LibreOffice-still-mimetypes is installed",
"Name": "LibreOffice-still-mimetypes"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937020",
"Version": "1",
"Comment": "LibreOffice-still-qt5 is installed",
"Name": "LibreOffice-still-qt5"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937021",
"Version": "1",
"Comment": "LibreOffice-still-sdk is installed",
"Name": "LibreOffice-still-sdk"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937022",
"Version": "1",
"Comment": "libreofficekit-still is installed",
"Name": "libreofficekit-still"
},
{
"ID": "oval:org.altlinux.errata:obj:202414937023",
"Version": "1",
"Comment": "libreofficekit-still-devel is installed",
"Name": "libreofficekit-still-devel"
}
]
}

23
oval/p10/ALT-PU-2024-14937/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202414937001",
"Version": "1",
"Comment": "package EVR is earlier than 0:24.2.6.2-alt0.p10.1",
"Arch": {},
"EVR": {
"Text": "0:24.2.6.2-alt0.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

294
oval/p10/ALT-PU-2024-14937/tests.json Normal file
View File

@ -0,0 +1,294 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202414937001",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937002",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-common is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937003",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-extensions is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937004",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-gtk3 is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937005",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-integrated is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937006",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-kde5 is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937007",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-be is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937008",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-de is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937009",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-el is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937010",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-es is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937011",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-fr is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937012",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-kk is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937013",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-ky is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937014",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-pt-BR is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937015",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-ru is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937016",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-tt is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937017",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-uk is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937018",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-langpack-uz is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937019",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-mimetypes is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937020",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-qt5 is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937021",
"Version": "1",
"Check": "all",
"Comment": "LibreOffice-still-sdk is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937022",
"Version": "1",
"Check": "all",
"Comment": "libreofficekit-still is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202414937023",
"Version": "1",
"Check": "all",
"Comment": "libreofficekit-still-devel is earlier than 0:24.2.6.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202414937023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202414937001"
}
}
]
}

165
oval/p10/ALT-PU-2024-15136/definitions.json Normal file
View File

@ -0,0 +1,165 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415136",
"Version": "oval:org.altlinux.errata:def:202415136",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15136: package `libxslt` update to version 1.1.37-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15136",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15136",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-03941",
"RefURL": "https://bdu.fstec.ru/vul/2021-03941",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03033",
"RefURL": "https://bdu.fstec.ru/vul/2022-03033",
"Source": "BDU"
},
{
"RefID": "CVE-2021-30560",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-30560",
"Source": "CVE"
},
{
"RefID": "CVE-2022-29824",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824",
"Source": "CVE"
}
],
"Description": "This update upgrades libxslt to version 1.1.37-alt1. \nSecurity Fix(es):\n\n * BDU:2021-03941: Уязвимость реализации технологии XSLT (eXtensible Stylesheet Language Transformations) модуля отображения Blink браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03033: Уязвимость компонентов buf.c и tree.c библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * CVE-2021-30560: Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n * CVE-2022-29824: In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": [
{
"ID": "BDU:2021-03941",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-03941",
"Impact": "High",
"Public": "20210612"
},
{
"ID": "BDU:2022-03033",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-190, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-03033",
"Impact": "Low",
"Public": "20220308"
}
],
"CVEs": [
{
"ID": "CVE-2021-30560",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-30560",
"Impact": "High",
"Public": "20210803"
},
{
"ID": "CVE-2022-29824",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824",
"Impact": "Low",
"Public": "20220503"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415136001",
"Comment": "libxslt is earlier than 0:1.1.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415136002",
"Comment": "libxslt-devel is earlier than 0:1.1.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415136003",
"Comment": "libxslt-devel-doc is earlier than 0:1.1.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415136004",
"Comment": "xsltproc is earlier than 0:1.1.37-alt1"
}
]
}
]
}
}
]
}

52
oval/p10/ALT-PU-2024-15136/objects.json Normal file
View File

@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415136001",
"Version": "1",
"Comment": "libxslt is installed",
"Name": "libxslt"
},
{
"ID": "oval:org.altlinux.errata:obj:202415136002",
"Version": "1",
"Comment": "libxslt-devel is installed",
"Name": "libxslt-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202415136003",
"Version": "1",
"Comment": "libxslt-devel-doc is installed",
"Name": "libxslt-devel-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202415136004",
"Version": "1",
"Comment": "xsltproc is installed",
"Name": "xsltproc"
}
]
}

23
oval/p10/ALT-PU-2024-15136/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415136001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.1.37-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.1.37-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

66
oval/p10/ALT-PU-2024-15136/tests.json Normal file
View File

@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415136001",
"Version": "1",
"Check": "all",
"Comment": "libxslt is earlier than 0:1.1.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415136001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415136002",
"Version": "1",
"Check": "all",
"Comment": "libxslt-devel is earlier than 0:1.1.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415136002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415136003",
"Version": "1",
"Check": "all",
"Comment": "libxslt-devel-doc is earlier than 0:1.1.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415136003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415136001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415136004",
"Version": "1",
"Check": "all",
"Comment": "xsltproc is earlier than 0:1.1.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415136004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415136001"
}
}
]
}

157
oval/p10/ALT-PU-2024-15200/definitions.json Normal file
View File

@ -0,0 +1,157 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415200",
"Version": "oval:org.altlinux.errata:def:202415200",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15200: package `bitcoin` update to version 27.2-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15200",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15200",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-33297",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-33297",
"Source": "CVE"
},
{
"RefID": "CVE-2023-37192",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-37192",
"Source": "CVE"
},
{
"RefID": "CVE-2023-50428",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-50428",
"Source": "CVE"
},
{
"RefID": "CVE-2024-34149",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-34149",
"Source": "CVE"
},
{
"RefID": "CVE-2024-35202",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-35202",
"Source": "CVE"
}
],
"Description": "This update upgrades bitcoin to version 27.2-alt0.p10.1. \nSecurity Fix(es):\n\n * CVE-2023-33297: Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (e.g., CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.\n\n * CVE-2023-37192: Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.\n\n * CVE-2023-50428: In Bitcoin Core through 26.0 and Bitcoin Knots before 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it \"not a bug.\"\n\n * CVE-2024-34149: In Bitcoin Core through 27.0 and Bitcoin Knots before 25.1.knots20231115, tapscript lacks a policy size limit check, a different issue than CVE-2023-50428. NOTE: some parties oppose this new limit check (for example, because they agree with the objective but disagree with the technical mechanism, or because they have a different objective).\n\n * CVE-2024-35202: Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committed to in a block's merkle root. FillBlock can be called twice for one PartiallyDownloadedBlock instance.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-14"
},
"Updated": {
"Date": "2024-11-14"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-33297",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-33297",
"Impact": "High",
"Public": "20230522"
},
{
"ID": "CVE-2023-37192",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-311",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-37192",
"Impact": "High",
"Public": "20230707"
},
{
"ID": "CVE-2023-50428",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-50428",
"Impact": "Low",
"Public": "20231209"
},
{
"ID": "CVE-2024-34149",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-34149",
"Impact": "None",
"Public": "20240430"
},
{
"ID": "CVE-2024-35202",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-35202",
"Impact": "None",
"Public": "20241010"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415200001",
"Comment": "bitcoin is earlier than 0:27.2-alt0.p10.1"
}
]
}
]
}
}
]
}

34
oval/p10/ALT-PU-2024-15200/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415200001",
"Version": "1",
"Comment": "bitcoin is installed",
"Name": "bitcoin"
}
]
}

23
oval/p10/ALT-PU-2024-15200/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415200001",
"Version": "1",
"Comment": "package EVR is earlier than 0:27.2-alt0.p10.1",
"Arch": {},
"EVR": {
"Text": "0:27.2-alt0.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p10/ALT-PU-2024-15200/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415200001",
"Version": "1",
"Check": "all",
"Comment": "bitcoin is earlier than 0:27.2-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415200001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415200001"
}
}
]
}

620
oval/p10/ALT-PU-2024-15251/definitions.json Normal file
View File

File diff suppressed because one or more lines are too long

88
oval/p10/ALT-PU-2024-15251/objects.json Normal file
View File

@ -0,0 +1,88 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415251001",
"Version": "1",
"Comment": "kernel-doc-un is installed",
"Name": "kernel-doc-un"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251002",
"Version": "1",
"Comment": "kernel-headers-modules-un-def is installed",
"Name": "kernel-headers-modules-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251003",
"Version": "1",
"Comment": "kernel-headers-un-def is installed",
"Name": "kernel-headers-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251004",
"Version": "1",
"Comment": "kernel-image-domU-un-def is installed",
"Name": "kernel-image-domU-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251005",
"Version": "1",
"Comment": "kernel-image-un-def is installed",
"Name": "kernel-image-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251006",
"Version": "1",
"Comment": "kernel-image-un-def-checkinstall is installed",
"Name": "kernel-image-un-def-checkinstall"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251007",
"Version": "1",
"Comment": "kernel-modules-drm-ancient-un-def is installed",
"Name": "kernel-modules-drm-ancient-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251008",
"Version": "1",
"Comment": "kernel-modules-drm-nouveau-un-def is installed",
"Name": "kernel-modules-drm-nouveau-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251009",
"Version": "1",
"Comment": "kernel-modules-drm-un-def is installed",
"Name": "kernel-modules-drm-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202415251010",
"Version": "1",
"Comment": "kernel-modules-staging-un-def is installed",
"Name": "kernel-modules-staging-un-def"
}
]
}

23
oval/p10/ALT-PU-2024-15251/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415251001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.1.115-alt1",
"Arch": {},
"EVR": {
"Text": "1:6.1.115-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

138
oval/p10/ALT-PU-2024-15251/tests.json Normal file
View File

@ -0,0 +1,138 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415251001",
"Version": "1",
"Check": "all",
"Comment": "kernel-doc-un is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251002",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251003",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251004",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-domU-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251005",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251006",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251007",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251008",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251009",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415251010",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.115-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415251010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415251001"
}
}
]
}