pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-12-18 03:06:38 +00:00
parent 264293f3a7
commit 85df097a87
32 changed files with 2311 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
oval/c10f1/ALT-PU-2024-16844/definitions.json Normal file
View File

@ -0,0 +1,150 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416844",
"Version": "oval:org.altlinux.errata:def:202416844",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16844: package `freeipa` update to version 4.9.14-alt1.c10f2.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16844",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16844",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-01678",
"RefURL": "https://bdu.fstec.ru/vul/2024-01678",
"Source": "BDU"
},
{
"RefID": "CVE-2024-1481",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1481",
"Source": "CVE"
}
],
"Description": "This update upgrades freeipa to version 4.9.14-alt1.c10f2.1. \nSecurity Fix(es):\n\n * BDU:2024-01678: Уязвимость функции run() сценария сервера FreeIPA, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или вызвать отказ в обслуживании\n\n * CVE-2024-1481: A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": [
{
"ID": "BDU:2024-01678",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-20, CWE-404",
"Href": "https://bdu.fstec.ru/vul/2024-01678",
"Impact": "Low",
"Public": "20240213"
}
],
"CVEs": [
{
"ID": "CVE-2024-1481",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1481",
"Impact": "None",
"Public": "20240410"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416844001",
"Comment": "freeipa-client is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844002",
"Comment": "freeipa-client-automount is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844003",
"Comment": "freeipa-client-common is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844004",
"Comment": "freeipa-client-epn is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844005",
"Comment": "freeipa-client-samba is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844006",
"Comment": "freeipa-common is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844007",
"Comment": "freeipa-server is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844008",
"Comment": "freeipa-server-common is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844009",
"Comment": "freeipa-server-dns is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844010",
"Comment": "freeipa-server-trust-ad is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844011",
"Comment": "python3-module-freeipa is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844012",
"Comment": "python3-module-ipaclient is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844013",
"Comment": "python3-module-ipaserver is earlier than 0:4.9.14-alt1.c10f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416844014",
"Comment": "python3-module-ipatests is earlier than 0:4.9.14-alt1.c10f2.1"
}
]
}
]
}
}
]
}

112
oval/c10f1/ALT-PU-2024-16844/objects.json Normal file
View File

@ -0,0 +1,112 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416844001",
"Version": "1",
"Comment": "freeipa-client is installed",
"Name": "freeipa-client"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844002",
"Version": "1",
"Comment": "freeipa-client-automount is installed",
"Name": "freeipa-client-automount"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844003",
"Version": "1",
"Comment": "freeipa-client-common is installed",
"Name": "freeipa-client-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844004",
"Version": "1",
"Comment": "freeipa-client-epn is installed",
"Name": "freeipa-client-epn"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844005",
"Version": "1",
"Comment": "freeipa-client-samba is installed",
"Name": "freeipa-client-samba"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844006",
"Version": "1",
"Comment": "freeipa-common is installed",
"Name": "freeipa-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844007",
"Version": "1",
"Comment": "freeipa-server is installed",
"Name": "freeipa-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844008",
"Version": "1",
"Comment": "freeipa-server-common is installed",
"Name": "freeipa-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844009",
"Version": "1",
"Comment": "freeipa-server-dns is installed",
"Name": "freeipa-server-dns"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844010",
"Version": "1",
"Comment": "freeipa-server-trust-ad is installed",
"Name": "freeipa-server-trust-ad"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844011",
"Version": "1",
"Comment": "python3-module-freeipa is installed",
"Name": "python3-module-freeipa"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844012",
"Version": "1",
"Comment": "python3-module-ipaclient is installed",
"Name": "python3-module-ipaclient"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844013",
"Version": "1",
"Comment": "python3-module-ipaserver is installed",
"Name": "python3-module-ipaserver"
},
{
"ID": "oval:org.altlinux.errata:obj:202416844014",
"Version": "1",
"Comment": "python3-module-ipatests is installed",
"Name": "python3-module-ipatests"
}
]
}

23
oval/c10f1/ALT-PU-2024-16844/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416844001",
"Version": "1",
"Comment": "package EVR is earlier than 0:4.9.14-alt1.c10f2.1",
"Arch": {},
"EVR": {
"Text": "0:4.9.14-alt1.c10f2.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

186
oval/c10f1/ALT-PU-2024-16844/tests.json Normal file
View File

@ -0,0 +1,186 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416844001",
"Version": "1",
"Check": "all",
"Comment": "freeipa-client is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844002",
"Version": "1",
"Check": "all",
"Comment": "freeipa-client-automount is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844003",
"Version": "1",
"Check": "all",
"Comment": "freeipa-client-common is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844004",
"Version": "1",
"Check": "all",
"Comment": "freeipa-client-epn is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844005",
"Version": "1",
"Check": "all",
"Comment": "freeipa-client-samba is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844006",
"Version": "1",
"Check": "all",
"Comment": "freeipa-common is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844007",
"Version": "1",
"Check": "all",
"Comment": "freeipa-server is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844008",
"Version": "1",
"Check": "all",
"Comment": "freeipa-server-common is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844009",
"Version": "1",
"Check": "all",
"Comment": "freeipa-server-dns is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844010",
"Version": "1",
"Check": "all",
"Comment": "freeipa-server-trust-ad is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844011",
"Version": "1",
"Check": "all",
"Comment": "python3-module-freeipa is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844012",
"Version": "1",
"Check": "all",
"Comment": "python3-module-ipaclient is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844013",
"Version": "1",
"Check": "all",
"Comment": "python3-module-ipaserver is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416844014",
"Version": "1",
"Check": "all",
"Comment": "python3-module-ipatests is earlier than 0:4.9.14-alt1.c10f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416844014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416844001"
}
}
]
}

89
oval/c10f1/ALT-PU-2024-16906/definitions.json Normal file
View File

@ -0,0 +1,89 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416906",
"Version": "oval:org.altlinux.errata:def:202416906",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16906: package `libmodbus` update to version 3.1.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16906",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16906",
"Source": "ALTPU"
},
{
"RefID": "CVE-2022-0367",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0367",
"Source": "CVE"
}
],
"Description": "This update upgrades libmodbus to version 3.1.11-alt1. \nSecurity Fix(es):\n\n * CVE-2022-0367: A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2022-0367",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0367",
"Impact": "High",
"Public": "20220829"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416906001",
"Comment": "libmodbus is earlier than 0:3.1.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416906002",
"Comment": "libmodbus-devel is earlier than 0:3.1.11-alt1"
}
]
}
]
}
}
]
}

40
oval/c10f1/ALT-PU-2024-16906/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416906001",
"Version": "1",
"Comment": "libmodbus is installed",
"Name": "libmodbus"
},
{
"ID": "oval:org.altlinux.errata:obj:202416906002",
"Version": "1",
"Comment": "libmodbus-devel is installed",
"Name": "libmodbus-devel"
}
]
}

23
oval/c10f1/ALT-PU-2024-16906/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416906001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.1.11-alt1",
"Arch": {},
"EVR": {
"Text": "0:3.1.11-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c10f1/ALT-PU-2024-16906/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416906001",
"Version": "1",
"Check": "all",
"Comment": "libmodbus is earlier than 0:3.1.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416906001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416906001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416906002",
"Version": "1",
"Check": "all",
"Comment": "libmodbus-devel is earlier than 0:3.1.11-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416906002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416906001"
}
}
]
}

124
oval/c10f1/ALT-PU-2024-17000/definitions.json Normal file
View File

@ -0,0 +1,124 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417000",
"Version": "oval:org.altlinux.errata:def:202417000",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17000: package `minio` update to version 2024.11.07-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17000",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17000",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-01131",
"RefURL": "https://bdu.fstec.ru/vul/2024-01131",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06172",
"RefURL": "https://bdu.fstec.ru/vul/2024-06172",
"Source": "BDU"
},
{
"RefID": "CVE-2024-24747",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-24747",
"Source": "CVE"
},
{
"RefID": "CVE-2024-36107",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-36107",
"Source": "CVE"
}
],
"Description": "This update upgrades minio to version 2024.11.07-alt1. \nSecurity Fix(es):\n\n * BDU:2024-01131: Уязвимость сервера хранения объектов MinIO, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2024-06172: Уязвимость сервера хранения объектов MinIO, связанная с раскрытием конфиденциальной информации неавторизованному лицу, позволяющая нарушителю раскрыть конфиденциальную информацию\n\n * CVE-2024-24747: MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for `s3:*` actions, but also `admin:*` actions. Which means unless somewhere above in the access-key hierarchy, the `admin` rights are denied, access keys will be able to simply override their own `s3` permissions to something more permissive. The vulnerability is fixed in RELEASE.2024-01-31T20-20-33Z.\n\n * CVE-2024-36107: MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. `If-Modified-Since` and `If-Unmodified-Since` headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a specific bucket and also gain access to some amount of\ninformation such as `Last-Modified (of the latest version)`, `Etag (of the latest version)`, `x-amz-version-id (of the latest version)`, `Expires (metadata value of the latest version)`, `Cache-Control (metadata value of the latest version)`. This conditional check was being honored before validating if the anonymous access is indeed allowed on the metadata of an object. This issue has been addressed in commit `e0fe7cc3917`. Users must upgrade to RELEASE.2024-05-27T19-17-46Z for the fix. There are no known workarounds for this issue.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": [
{
"ID": "BDU:2024-01131",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-264, CWE-269, CWE-278, CWE-1188",
"Href": "https://bdu.fstec.ru/vul/2024-01131",
"Impact": "High",
"Public": "20240126"
},
{
"ID": "BDU:2024-06172",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2024-06172",
"Impact": "Low",
"Public": "20240528"
}
],
"CVEs": [
{
"ID": "CVE-2024-24747",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-24747",
"Impact": "High",
"Public": "20240131"
},
{
"ID": "CVE-2024-36107",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-36107",
"Impact": "None",
"Public": "20240528"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417000001",
"Comment": "minio is earlier than 0:2024.11.07-alt1"
}
]
}
]
}
}
]
}

34
oval/c10f1/ALT-PU-2024-17000/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417000001",
"Version": "1",
"Comment": "minio is installed",
"Name": "minio"
}
]
}

23
oval/c10f1/ALT-PU-2024-17000/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417000001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2024.11.07-alt1",
"Arch": {},
"EVR": {
"Text": "0:2024.11.07-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c10f1/ALT-PU-2024-17000/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417000001",
"Version": "1",
"Check": "all",
"Comment": "minio is earlier than 0:2024.11.07-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417000001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417000001"
}
}
]
}

104
oval/c9f2/ALT-PU-2024-16984/definitions.json Normal file
View File

@ -0,0 +1,104 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416984",
"Version": "oval:org.altlinux.errata:def:202416984",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16984: package `python-module-webob` update to version 1.8.9-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16984",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16984",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-07761",
"RefURL": "https://bdu.fstec.ru/vul/2024-07761",
"Source": "BDU"
},
{
"RefID": "CVE-2024-42353",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-42353",
"Source": "CVE"
}
],
"Description": "This update upgrades python-module-webob to version 1.8.9-alt1. \nSecurity Fix(es):\n\n * BDU:2024-07761: Уязвимость функций urlparse() и urljoin() библиотеки для разбора HTTP-запросов и формирования HTTP-ответов WebOb, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес\n\n * CVE-2024-42353: WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": [
{
"ID": "BDU:2024-07761",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-601",
"Href": "https://bdu.fstec.ru/vul/2024-07761",
"Impact": "Low",
"Public": "20240814"
}
],
"CVEs": [
{
"ID": "CVE-2024-42353",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-601",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-42353",
"Impact": "Low",
"Public": "20240814"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416984001",
"Comment": "python-module-webob is earlier than 0:1.8.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416984002",
"Comment": "python3-module-webob is earlier than 0:1.8.9-alt1"
}
]
}
]
}
}
]
}

40
oval/c9f2/ALT-PU-2024-16984/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416984001",
"Version": "1",
"Comment": "python-module-webob is installed",
"Name": "python-module-webob"
},
{
"ID": "oval:org.altlinux.errata:obj:202416984002",
"Version": "1",
"Comment": "python3-module-webob is installed",
"Name": "python3-module-webob"
}
]
}

23
oval/c9f2/ALT-PU-2024-16984/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416984001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.8.9-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.8.9-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c9f2/ALT-PU-2024-16984/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416984001",
"Version": "1",
"Check": "all",
"Comment": "python-module-webob is earlier than 0:1.8.9-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416984001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416984001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416984002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-webob is earlier than 0:1.8.9-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416984002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416984001"
}
}
]
}

201
oval/c9f2/ALT-PU-2024-17009/definitions.json Normal file
View File

@ -0,0 +1,201 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417009",
"Version": "oval:org.altlinux.errata:def:202417009",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17009: package `vim` update to version 9.1.0917-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17009",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17009",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06299",
"RefURL": "https://bdu.fstec.ru/vul/2024-06299",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06478",
"RefURL": "https://bdu.fstec.ru/vul/2024-06478",
"Source": "BDU"
},
{
"RefID": "CVE-2024-41957",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Source": "CVE"
},
{
"RefID": "CVE-2024-41965",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45306",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 9.1.0917-alt2. \nSecurity Fix(es):\n\n * BDU:2024-06299: Уязвимость компонента File Name Handler текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-06478: Уязвимость функции tagstack_clear_entry() файла src/alloc.c текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2024-41957: Vim is an open source command line text editor. Vim \u003c v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,\nbut it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647\n\n * CVE-2024-41965: Vim is an open source command line text editor. double-free in dialog_changed() in Vim \u003c v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648.\n\n * CVE-2024-45306: Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.\n\n * #49541: vim-common and vim-minimal conflict on merged-usr\n\n * #51821: Для закрытия CVE-2024-43374 необходимо обновить пакет\n\n * #52413: Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": [
{
"ID": "BDU:2024-06299",
"CVSS": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06299",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "BDU:2024-06478",
"CVSS": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-06478",
"Impact": "Low",
"Public": "20240801"
}
],
"CVEs": [
{
"ID": "CVE-2024-41957",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-41965",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-45306",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Impact": "Low",
"Public": "20240902"
}
],
"Bugzilla": [
{
"ID": "49541",
"Href": "https://bugzilla.altlinux.org/49541",
"Data": "vim-common and vim-minimal conflict on merged-usr"
},
{
"ID": "51821",
"Href": "https://bugzilla.altlinux.org/51821",
"Data": "Для закрытия CVE-2024-43374 необходимо обновить пакет"
},
{
"ID": "52413",
"Href": "https://bugzilla.altlinux.org/52413",
"Data": "Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417009001",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009002",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009003",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009004",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009005",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009006",
"Comment": "vim-common is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009007",
"Comment": "vim-console is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009008",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009009",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009010",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009011",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202417009012",
"Comment": "xxd is earlier than 4:9.1.0917-alt2"
}
]
}
]
}
}
]
}

100
oval/c9f2/ALT-PU-2024-17009/objects.json Normal file
View File

@ -0,0 +1,100 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417009001",
"Version": "1",
"Comment": "rpm-build-vim is installed",
"Name": "rpm-build-vim"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009002",
"Version": "1",
"Comment": "vim-X11 is installed",
"Name": "vim-X11"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009003",
"Version": "1",
"Comment": "vim-X11-gnome2 is installed",
"Name": "vim-X11-gnome2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009004",
"Version": "1",
"Comment": "vim-X11-gtk2 is installed",
"Name": "vim-X11-gtk2"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009005",
"Version": "1",
"Comment": "vim-X11-gtk3 is installed",
"Name": "vim-X11-gtk3"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009006",
"Version": "1",
"Comment": "vim-common is installed",
"Name": "vim-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009007",
"Version": "1",
"Comment": "vim-console is installed",
"Name": "vim-console"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009008",
"Version": "1",
"Comment": "vim-enhanced is installed",
"Name": "vim-enhanced"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009009",
"Version": "1",
"Comment": "vim-minimal is installed",
"Name": "vim-minimal"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009010",
"Version": "1",
"Comment": "vim-spell-source is installed",
"Name": "vim-spell-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009011",
"Version": "1",
"Comment": "vimtutor is installed",
"Name": "vimtutor"
},
{
"ID": "oval:org.altlinux.errata:obj:202417009012",
"Version": "1",
"Comment": "xxd is installed",
"Name": "xxd"
}
]
}

23
oval/c9f2/ALT-PU-2024-17009/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417009001",
"Version": "1",
"Comment": "package EVR is earlier than 4:9.1.0917-alt2",
"Arch": {},
"EVR": {
"Text": "4:9.1.0917-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

162
oval/c9f2/ALT-PU-2024-17009/tests.json Normal file
View File

@ -0,0 +1,162 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417009001",
"Version": "1",
"Check": "all",
"Comment": "rpm-build-vim is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009002",
"Version": "1",
"Check": "all",
"Comment": "vim-X11 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009003",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gnome2 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009004",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk2 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009005",
"Version": "1",
"Check": "all",
"Comment": "vim-X11-gtk3 is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009006",
"Version": "1",
"Check": "all",
"Comment": "vim-common is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009007",
"Version": "1",
"Check": "all",
"Comment": "vim-console is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009008",
"Version": "1",
"Check": "all",
"Comment": "vim-enhanced is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009009",
"Version": "1",
"Check": "all",
"Comment": "vim-minimal is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009010",
"Version": "1",
"Check": "all",
"Comment": "vim-spell-source is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009011",
"Version": "1",
"Check": "all",
"Comment": "vimtutor is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202417009012",
"Version": "1",
"Check": "all",
"Comment": "xxd is earlier than 4:9.1.0917-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417009012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417009001"
}
}
]
}

102
oval/p10/ALT-PU-2024-16117/definitions.json Normal file
View File

@ -0,0 +1,102 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416117",
"Version": "oval:org.altlinux.errata:def:202416117",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16117: package `python3-module-pygobject3` update to version 3.40.1-alt2.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit",
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16117",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16117",
"Source": "ALTPU"
}
],
"Description": "This update upgrades python3-module-pygobject3 to version 3.40.1-alt2.p10.1. \nSecurity Fix(es):\n\n * #51976: Вытягивает libcairo",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "51976",
"Href": "https://bugzilla.altlinux.org/51976",
"Data": "Вытягивает libcairo"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:container:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416117001",
"Comment": "python3-module-pygobject3 is earlier than 0:3.40.1-alt2.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416117002",
"Comment": "python3-module-pygobject3-devel is earlier than 0:3.40.1-alt2.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416117003",
"Comment": "python3-module-pygobject3-nox is earlier than 0:3.40.1-alt2.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416117004",
"Comment": "python3-module-pygobject3-pygtkcompat is earlier than 0:3.40.1-alt2.p10.1"
}
]
}
]
}
}
]
}

52
oval/p10/ALT-PU-2024-16117/objects.json Normal file
View File

@ -0,0 +1,52 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416117001",
"Version": "1",
"Comment": "python3-module-pygobject3 is installed",
"Name": "python3-module-pygobject3"
},
{
"ID": "oval:org.altlinux.errata:obj:202416117002",
"Version": "1",
"Comment": "python3-module-pygobject3-devel is installed",
"Name": "python3-module-pygobject3-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416117003",
"Version": "1",
"Comment": "python3-module-pygobject3-nox is installed",
"Name": "python3-module-pygobject3-nox"
},
{
"ID": "oval:org.altlinux.errata:obj:202416117004",
"Version": "1",
"Comment": "python3-module-pygobject3-pygtkcompat is installed",
"Name": "python3-module-pygobject3-pygtkcompat"
}
]
}

23
oval/p10/ALT-PU-2024-16117/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416117001",
"Version": "1",
"Comment": "package EVR is earlier than 0:3.40.1-alt2.p10.1",
"Arch": {},
"EVR": {
"Text": "0:3.40.1-alt2.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

66
oval/p10/ALT-PU-2024-16117/tests.json Normal file
View File

@ -0,0 +1,66 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416117001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-pygobject3 is earlier than 0:3.40.1-alt2.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416117001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416117001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416117002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-pygobject3-devel is earlier than 0:3.40.1-alt2.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416117002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416117001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416117003",
"Version": "1",
"Check": "all",
"Comment": "python3-module-pygobject3-nox is earlier than 0:3.40.1-alt2.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416117003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416117001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416117004",
"Version": "1",
"Check": "all",
"Comment": "python3-module-pygobject3-pygtkcompat is earlier than 0:3.40.1-alt2.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416117004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416117001"
}
}
]
}

96
oval/p11/ALT-PU-2024-16976/definitions.json Normal file
View File

@ -0,0 +1,96 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202416976",
"Version": "oval:org.altlinux.errata:def:202416976",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-16976: package `bash5` update to version 5.2.37-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-16976",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-16976",
"Source": "ALTPU"
}
],
"Description": "This update upgrades bash5 to version 5.2.37-alt1. \nSecurity Fix(es):\n\n * #52156: /usr/lib/bash5 не в BASH_LOADABLES_PATH\n\n * #52222: Сборка с --enable-net-redirections",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "52156",
"Href": "https://bugzilla.altlinux.org/52156",
"Data": "/usr/lib/bash5 не в BASH_LOADABLES_PATH"
},
{
"ID": "52222",
"Href": "https://bugzilla.altlinux.org/52222",
"Data": "Сборка с --enable-net-redirections"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202416976001",
"Comment": "bash5 is earlier than 0:5.2.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416976002",
"Comment": "bash5-devel is earlier than 0:5.2.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416976003",
"Comment": "bash5-doc is earlier than 0:5.2.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416976004",
"Comment": "bash5-examples is earlier than 0:5.2.37-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202416976005",
"Comment": "sh5 is earlier than 0:5.2.37-alt1"
}
]
}
]
}
}
]
}

58
oval/p11/ALT-PU-2024-16976/objects.json Normal file
View File

@ -0,0 +1,58 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202416976001",
"Version": "1",
"Comment": "bash5 is installed",
"Name": "bash5"
},
{
"ID": "oval:org.altlinux.errata:obj:202416976002",
"Version": "1",
"Comment": "bash5-devel is installed",
"Name": "bash5-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202416976003",
"Version": "1",
"Comment": "bash5-doc is installed",
"Name": "bash5-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202416976004",
"Version": "1",
"Comment": "bash5-examples is installed",
"Name": "bash5-examples"
},
{
"ID": "oval:org.altlinux.errata:obj:202416976005",
"Version": "1",
"Comment": "sh5 is installed",
"Name": "sh5"
}
]
}

23
oval/p11/ALT-PU-2024-16976/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202416976001",
"Version": "1",
"Comment": "package EVR is earlier than 0:5.2.37-alt1",
"Arch": {},
"EVR": {
"Text": "0:5.2.37-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

78
oval/p11/ALT-PU-2024-16976/tests.json Normal file
View File

@ -0,0 +1,78 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202416976001",
"Version": "1",
"Check": "all",
"Comment": "bash5 is earlier than 0:5.2.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416976001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416976001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416976002",
"Version": "1",
"Check": "all",
"Comment": "bash5-devel is earlier than 0:5.2.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416976002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416976001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416976003",
"Version": "1",
"Check": "all",
"Comment": "bash5-doc is earlier than 0:5.2.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416976003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416976001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416976004",
"Version": "1",
"Check": "all",
"Comment": "bash5-examples is earlier than 0:5.2.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416976004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416976001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202416976005",
"Version": "1",
"Check": "all",
"Comment": "sh5 is earlier than 0:5.2.37-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202416976005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202416976001"
}
}
]
}

155
oval/p11/ALT-PU-2024-17120/definitions.json Normal file
View File

@ -0,0 +1,155 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417120",
"Version": "oval:org.altlinux.errata:def:202417120",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17120: package `vault` update to version 1.13.12-alt6",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17120",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17120",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-06667",
"RefURL": "https://bdu.fstec.ru/vul/2024-06667",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09085",
"RefURL": "https://bdu.fstec.ru/vul/2024-09085",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09147",
"RefURL": "https://bdu.fstec.ru/vul/2024-09147",
"Source": "BDU"
},
{
"RefID": "CVE-2024-6468",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-6468",
"Source": "CVE"
},
{
"RefID": "CVE-2024-8185",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-8185",
"Source": "CVE"
},
{
"RefID": "CVE-2024-9180",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-9180",
"Source": "CVE"
}
],
"Description": "This update upgrades vault to version 1.13.12-alt6. \nSecurity Fix(es):\n\n * BDU:2024-06667: Уязвимость платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, связанная с неправильной проверкой или обработкой исключительных условий, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-09085: Уязвимость алгоритма распределения данных Raft Consensus Algorithm хранилища Integrated storage (Raft) платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-09147: Уязвимость платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, связанная с неправильным назначением привилегий, позволяющая нарушителю повысить свои привилегии\n\n * CVE-2024-6468: Vault and Vault Enterprise did not properly handle requests originating from unauthorized IP addresses when the TCP listener option, proxy_protocol_behavior, was set to deny_unauthorized. When receiving a request from a source IP address that was not listed in proxy_protocol_authorized_addrs, the Vault API server would shut down and no longer respond to any HTTP requests, potentially resulting in denial of service.\n\nWhile this bug also affected versions of Vault up to 1.17.1 and 1.16.5, a separate regression in those release series did not allow Vault operators to configure the deny_unauthorized option, thus not allowing the conditions for the denial of service to occur.\n\nFixed in Vault and Vault Enterprise 1.17.2, 1.16.6, and 1.15.12.\n\n * CVE-2024-8185: Vault Community and Vault Enterprise (“Vault”) clusters using Vaults Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vault to consume excessive system memory resources, potentially leading to a crash of the underlying system and the Vault process itself.\n\nThis vulnerability, CVE-2024-8185, is fixed in Vault Community 1.18.1 and Vault Enterprise 1.18.1, 1.17.8, and 1.16.12.\n\n * CVE-2024-9180: A privileged Vault operator with write permissions to the root namespaces identity endpoint could escalate their own or another users privileges to Vaults root policy. Fixed in Vault Community Edition 1.18.0 and Vault Enterprise 1.18.0, 1.17.7, 1.16.11, and 1.15.16.\n\n * #52418: Необходимо закрыть CVE-2024-8185, CVE-2024-9180, CVE-2024-6468",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
},
"BDUs": [
{
"ID": "BDU:2024-06667",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-703",
"Href": "https://bdu.fstec.ru/vul/2024-06667",
"Impact": "High",
"Public": "20240711"
},
{
"ID": "BDU:2024-09085",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-636",
"Href": "https://bdu.fstec.ru/vul/2024-09085",
"Impact": "High",
"Public": "20241031"
},
{
"ID": "BDU:2024-09147",
"CVSS": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-266",
"Href": "https://bdu.fstec.ru/vul/2024-09147",
"Impact": "High",
"Public": "20241010"
}
],
"CVEs": [
{
"ID": "CVE-2024-6468",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-6468",
"Impact": "None",
"Public": "20240711"
},
{
"ID": "CVE-2024-8185",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-8185",
"Impact": "None",
"Public": "20241031"
},
{
"ID": "CVE-2024-9180",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-9180",
"Impact": "High",
"Public": "20241010"
}
],
"Bugzilla": [
{
"ID": "52418",
"Href": "https://bugzilla.altlinux.org/52418",
"Data": "Необходимо закрыть CVE-2024-8185, CVE-2024-9180, CVE-2024-6468"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417120001",
"Comment": "vault is earlier than 0:1.13.12-alt6"
}
]
}
]
}
}
]
}

34
oval/p11/ALT-PU-2024-17120/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417120001",
"Version": "1",
"Comment": "vault is installed",
"Name": "vault"
}
]
}

23
oval/p11/ALT-PU-2024-17120/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417120001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.13.12-alt6",
"Arch": {},
"EVR": {
"Text": "0:1.13.12-alt6",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p11/ALT-PU-2024-17120/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417120001",
"Version": "1",
"Check": "all",
"Comment": "vault is earlier than 0:1.13.12-alt6",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417120001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417120001"
}
}
]
}