pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-08-20 03:04:26 +00:00
parent c37900b462
commit 889a5cb37a
40 changed files with 3867 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
oval/c10f1/ALT-PU-2024-11226/definitions.json Normal file
View File

@ -0,0 +1,160 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411226",
"Version": "oval:org.altlinux.errata:def:202411226",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11226: package `git` update to version 2.42.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11226",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11226",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03872",
"RefURL": "https://bdu.fstec.ru/vul/2024-03872",
"Source": "BDU"
},
{
"RefID": "CVE-2024-32002",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-32002",
"Source": "CVE"
}
],
"Description": "This update upgrades git to version 2.42.2-alt1. \nSecurity Fix(es):\n\n * BDU:2024-03872: Уязвимость распределенной системы контроля версий Git, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2024-32002: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": [
{
"ID": "BDU:2024-03872",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-22, CWE-434",
"Href": "https://bdu.fstec.ru/vul/2024-03872",
"Impact": "Critical",
"Public": "20240514"
}
],
"CVEs": [
{
"ID": "CVE-2024-32002",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-59",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-32002",
"Impact": "Critical",
"Public": "20240514"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411226001",
"Comment": "git is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226002",
"Comment": "git-arch is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226003",
"Comment": "git-contrib is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226004",
"Comment": "git-core is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226005",
"Comment": "git-cvs is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226006",
"Comment": "git-diff-highlight is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226007",
"Comment": "git-doc is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226008",
"Comment": "git-email is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226009",
"Comment": "git-full is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226010",
"Comment": "git-gui is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226011",
"Comment": "git-server is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226012",
"Comment": "git-subtree is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226013",
"Comment": "git-svn is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226014",
"Comment": "gitk is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226015",
"Comment": "gitweb is earlier than 0:2.42.2-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411226016",
"Comment": "perl-Git is earlier than 0:2.42.2-alt1"
}
]
}
]
}
}
]
}

124
oval/c10f1/ALT-PU-2024-11226/objects.json Normal file
View File

@ -0,0 +1,124 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411226001",
"Version": "1",
"Comment": "git is installed",
"Name": "git"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226002",
"Version": "1",
"Comment": "git-arch is installed",
"Name": "git-arch"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226003",
"Version": "1",
"Comment": "git-contrib is installed",
"Name": "git-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226004",
"Version": "1",
"Comment": "git-core is installed",
"Name": "git-core"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226005",
"Version": "1",
"Comment": "git-cvs is installed",
"Name": "git-cvs"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226006",
"Version": "1",
"Comment": "git-diff-highlight is installed",
"Name": "git-diff-highlight"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226007",
"Version": "1",
"Comment": "git-doc is installed",
"Name": "git-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226008",
"Version": "1",
"Comment": "git-email is installed",
"Name": "git-email"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226009",
"Version": "1",
"Comment": "git-full is installed",
"Name": "git-full"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226010",
"Version": "1",
"Comment": "git-gui is installed",
"Name": "git-gui"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226011",
"Version": "1",
"Comment": "git-server is installed",
"Name": "git-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226012",
"Version": "1",
"Comment": "git-subtree is installed",
"Name": "git-subtree"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226013",
"Version": "1",
"Comment": "git-svn is installed",
"Name": "git-svn"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226014",
"Version": "1",
"Comment": "gitk is installed",
"Name": "gitk"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226015",
"Version": "1",
"Comment": "gitweb is installed",
"Name": "gitweb"
},
{
"ID": "oval:org.altlinux.errata:obj:202411226016",
"Version": "1",
"Comment": "perl-Git is installed",
"Name": "perl-Git"
}
]
}

23
oval/c10f1/ALT-PU-2024-11226/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411226001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.42.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.42.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

210
oval/c10f1/ALT-PU-2024-11226/tests.json Normal file
View File

@ -0,0 +1,210 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411226001",
"Version": "1",
"Check": "all",
"Comment": "git is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226002",
"Version": "1",
"Check": "all",
"Comment": "git-arch is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226003",
"Version": "1",
"Check": "all",
"Comment": "git-contrib is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226004",
"Version": "1",
"Check": "all",
"Comment": "git-core is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226005",
"Version": "1",
"Check": "all",
"Comment": "git-cvs is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226006",
"Version": "1",
"Check": "all",
"Comment": "git-diff-highlight is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226007",
"Version": "1",
"Check": "all",
"Comment": "git-doc is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226008",
"Version": "1",
"Check": "all",
"Comment": "git-email is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226009",
"Version": "1",
"Check": "all",
"Comment": "git-full is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226010",
"Version": "1",
"Check": "all",
"Comment": "git-gui is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226011",
"Version": "1",
"Check": "all",
"Comment": "git-server is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226012",
"Version": "1",
"Check": "all",
"Comment": "git-subtree is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226013",
"Version": "1",
"Check": "all",
"Comment": "git-svn is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226014",
"Version": "1",
"Check": "all",
"Comment": "gitk is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226015",
"Version": "1",
"Check": "all",
"Comment": "gitweb is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411226016",
"Version": "1",
"Check": "all",
"Comment": "perl-Git is earlier than 0:2.42.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411226016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411226001"
}
}
]
}

129
oval/c9f2/ALT-PU-2024-11122/definitions.json Normal file
View File

@ -0,0 +1,129 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411122",
"Version": "oval:org.altlinux.errata:def:202411122",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11122: package `inspircd` update to version 2.0.29-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11122",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11122",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-06171",
"RefURL": "https://bdu.fstec.ru/vul/2022-06171",
"Source": "BDU"
},
{
"RefID": "BDU:2022-06172",
"RefURL": "https://bdu.fstec.ru/vul/2022-06172",
"Source": "BDU"
},
{
"RefID": "CVE-2019-20917",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-20917",
"Source": "CVE"
},
{
"RefID": "CVE-2020-25269",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-25269",
"Source": "CVE"
}
],
"Description": "This update upgrades inspircd to version 2.0.29-alt1. \nSecurity Fix(es):\n\n * BDU:2022-06171: Уязвимость демона InspIRCd, связанная с ошибками разыменования указателей, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-06172: Уязвимость демона InspIRCd, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-20917: An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.\n\n * CVE-2020-25269: An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": [
{
"ID": "BDU:2022-06171",
"CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-06171",
"Impact": "Low",
"Public": "20190819"
},
{
"ID": "BDU:2022-06172",
"CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-06172",
"Impact": "Low",
"Public": "20200422"
}
],
"CVEs": [
{
"ID": "CVE-2019-20917",
"CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-20917",
"Impact": "Low",
"Public": "20200911"
},
{
"ID": "CVE-2020-25269",
"CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-25269",
"Impact": "Low",
"Public": "20200911"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411122001",
"Comment": "inspircd is earlier than 0:2.0.29-alt1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-11122/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411122001",
"Version": "1",
"Comment": "inspircd is installed",
"Name": "inspircd"
}
]
}

23
oval/c9f2/ALT-PU-2024-11122/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411122001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.0.29-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.0.29-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-11122/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411122001",
"Version": "1",
"Check": "all",
"Comment": "inspircd is earlier than 0:2.0.29-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411122001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411122001"
}
}
]
}

123
oval/c9f2/ALT-PU-2024-11124/definitions.json Normal file
View File

@ -0,0 +1,123 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411124",
"Version": "oval:org.altlinux.errata:def:202411124",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11124: package `jbig2dec` update to version 0.19-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11124",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11124",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-05687",
"RefURL": "https://bdu.fstec.ru/vul/2022-05687",
"Source": "BDU"
},
{
"RefID": "CVE-2016-9601",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9601",
"Source": "CVE"
},
{
"RefID": "CVE-2020-12268",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-12268",
"Source": "CVE"
}
],
"Description": "This update upgrades jbig2dec to version 0.19-alt1. \nSecurity Fix(es):\n\n * BDU:2022-05687: Уязвимость функции jbig2_image_compose компонента jbig2_image.c декодера формата сжатия изображений JBIG2 Jbig2dec, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2016-9601: ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.\n\n * CVE-2020-12268: jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": [
{
"ID": "BDU:2022-05687",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-05687",
"Impact": "Critical",
"Public": "20200427"
}
],
"CVEs": [
{
"ID": "CVE-2016-9601",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9601",
"Impact": "Low",
"Public": "20180424"
},
{
"ID": "CVE-2020-12268",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-12268",
"Impact": "Critical",
"Public": "20200427"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411124001",
"Comment": "jbig2dec is earlier than 0:0.19-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411124002",
"Comment": "libjbig2dec is earlier than 0:0.19-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411124003",
"Comment": "libjbig2dec-devel is earlier than 0:0.19-alt1"
}
]
}
]
}
}
]
}

46
oval/c9f2/ALT-PU-2024-11124/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411124001",
"Version": "1",
"Comment": "jbig2dec is installed",
"Name": "jbig2dec"
},
{
"ID": "oval:org.altlinux.errata:obj:202411124002",
"Version": "1",
"Comment": "libjbig2dec is installed",
"Name": "libjbig2dec"
},
{
"ID": "oval:org.altlinux.errata:obj:202411124003",
"Version": "1",
"Comment": "libjbig2dec-devel is installed",
"Name": "libjbig2dec-devel"
}
]
}

23
oval/c9f2/ALT-PU-2024-11124/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411124001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.19-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.19-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c9f2/ALT-PU-2024-11124/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411124001",
"Version": "1",
"Check": "all",
"Comment": "jbig2dec is earlier than 0:0.19-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411124001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411124001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411124002",
"Version": "1",
"Check": "all",
"Comment": "libjbig2dec is earlier than 0:0.19-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411124002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411124001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411124003",
"Version": "1",
"Check": "all",
"Comment": "libjbig2dec-devel is earlier than 0:0.19-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411124003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411124001"
}
}
]
}

85
oval/c9f2/ALT-PU-2024-11156/definitions.json Normal file
View File

@ -0,0 +1,85 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411156",
"Version": "oval:org.altlinux.errata:def:202411156",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11156: package `unace` update to version 1.2b-alt5",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11156",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11156",
"Source": "ALTPU"
},
{
"RefID": "CVE-2015-2063",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-2063",
"Source": "CVE"
}
],
"Description": "This update upgrades unace to version 1.2b-alt5. \nSecurity Fix(es):\n\n * CVE-2015-2063: Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2015-2063",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CWE": "CWE-189",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-2063",
"Impact": "Low",
"Public": "20150309"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411156001",
"Comment": "unace is earlier than 0:1.2b-alt5"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-11156/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411156001",
"Version": "1",
"Comment": "unace is installed",
"Name": "unace"
}
]
}

23
oval/c9f2/ALT-PU-2024-11156/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411156001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.2b-alt5",
"Arch": {},
"EVR": {
"Text": "0:1.2b-alt5",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-11156/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411156001",
"Version": "1",
"Check": "all",
"Comment": "unace is earlier than 0:1.2b-alt5",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411156001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411156001"
}
}
]
}

86
oval/c9f2/ALT-PU-2024-11158/definitions.json Normal file
View File

@ -0,0 +1,86 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411158",
"Version": "oval:org.altlinux.errata:def:202411158",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11158: package `shellinabox` update to version 2.20-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11158",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11158",
"Source": "ALTPU"
},
{
"RefID": "CVE-2018-16789",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-16789",
"Source": "CVE"
}
],
"Description": "This update upgrades shellinabox to version 2.20-alt2. \nSecurity Fix(es):\n\n * CVE-2018-16789: libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and taking the service down.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2018-16789",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-835",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-16789",
"Impact": "High",
"Public": "20190321"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411158001",
"Comment": "shellinabox is earlier than 0:2.20-alt2"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-11158/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411158001",
"Version": "1",
"Comment": "shellinabox is installed",
"Name": "shellinabox"
}
]
}

23
oval/c9f2/ALT-PU-2024-11158/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411158001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.20-alt2",
"Arch": {},
"EVR": {
"Text": "0:2.20-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-11158/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411158001",
"Version": "1",
"Check": "all",
"Comment": "shellinabox is earlier than 0:2.20-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411158001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411158001"
}
}
]
}

356
oval/c9f2/ALT-PU-2024-11160/definitions.json Normal file
View File

File diff suppressed because one or more lines are too long

46
oval/c9f2/ALT-PU-2024-11160/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411160001",
"Version": "1",
"Comment": "libiec61850 is installed",
"Name": "libiec61850"
},
{
"ID": "oval:org.altlinux.errata:obj:202411160002",
"Version": "1",
"Comment": "libiec61850-devel is installed",
"Name": "libiec61850-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202411160003",
"Version": "1",
"Comment": "libiec61850-devel-static is installed",
"Name": "libiec61850-devel-static"
}
]
}

23
oval/c9f2/ALT-PU-2024-11160/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411160001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.5.3-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.5.3-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c9f2/ALT-PU-2024-11160/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411160001",
"Version": "1",
"Check": "all",
"Comment": "libiec61850 is earlier than 0:1.5.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411160001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411160001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411160002",
"Version": "1",
"Check": "all",
"Comment": "libiec61850-devel is earlier than 0:1.5.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411160002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411160001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411160003",
"Version": "1",
"Check": "all",
"Comment": "libiec61850-devel-static is earlier than 0:1.5.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411160003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411160001"
}
}
]
}

132
oval/c9f2/ALT-PU-2024-11162/definitions.json Normal file
View File

@ -0,0 +1,132 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411162",
"Version": "oval:org.altlinux.errata:def:202411162",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11162: package `icoutils` update to version 0.32.3-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11162",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11162",
"Source": "ALTPU"
},
{
"RefID": "CVE-2017-5208",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5208",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5331",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5331",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5332",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5332",
"Source": "CVE"
},
{
"RefID": "CVE-2017-5333",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-5333",
"Source": "CVE"
}
],
"Description": "This update upgrades icoutils to version 0.32.3-alt1. \nSecurity Fix(es):\n\n * CVE-2017-5208: Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service (memory corruption) via a crafted executable, which triggers a denial of service (application crash) or the possibility of execution of arbitrary code.\n\n * CVE-2017-5331: Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.\n\n * CVE-2017-5332: The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.\n\n * CVE-2017-5333: Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2017-5208",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5208",
"Impact": "High",
"Public": "20170822"
},
{
"ID": "CVE-2017-5331",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5331",
"Impact": "High",
"Public": "20191104"
},
{
"ID": "CVE-2017-5332",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5332",
"Impact": "High",
"Public": "20191104"
},
{
"ID": "CVE-2017-5333",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-5333",
"Impact": "High",
"Public": "20191104"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411162001",
"Comment": "icoutils is earlier than 0:0.32.3-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411162002",
"Comment": "icoutils-extra is earlier than 0:0.32.3-alt1"
}
]
}
]
}
}
]
}

40
oval/c9f2/ALT-PU-2024-11162/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411162001",
"Version": "1",
"Comment": "icoutils is installed",
"Name": "icoutils"
},
{
"ID": "oval:org.altlinux.errata:obj:202411162002",
"Version": "1",
"Comment": "icoutils-extra is installed",
"Name": "icoutils-extra"
}
]
}

23
oval/c9f2/ALT-PU-2024-11162/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411162001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.32.3-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.32.3-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c9f2/ALT-PU-2024-11162/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411162001",
"Version": "1",
"Check": "all",
"Comment": "icoutils is earlier than 0:0.32.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411162001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411162001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411162002",
"Version": "1",
"Check": "all",
"Comment": "icoutils-extra is earlier than 0:0.32.3-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411162002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411162001"
}
}
]
}

157
oval/c9f2/ALT-PU-2024-11166/definitions.json Normal file
View File

@ -0,0 +1,157 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411166",
"Version": "oval:org.altlinux.errata:def:202411166",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11166: package `bchunk` update to version 1.2.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11166",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11166",
"Source": "ALTPU"
},
{
"RefID": "BDU:2017-02604",
"RefURL": "https://bdu.fstec.ru/vul/2017-02604",
"Source": "BDU"
},
{
"RefID": "BDU:2017-02605",
"RefURL": "https://bdu.fstec.ru/vul/2017-02605",
"Source": "BDU"
},
{
"RefID": "BDU:2017-02606",
"RefURL": "https://bdu.fstec.ru/vul/2017-02606",
"Source": "BDU"
},
{
"RefID": "CVE-2017-15953",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15953",
"Source": "CVE"
},
{
"RefID": "CVE-2017-15954",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15954",
"Source": "CVE"
},
{
"RefID": "CVE-2017-15955",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15955",
"Source": "CVE"
}
],
"Description": "This update upgrades bchunk to version 1.2.2-alt1. \nSecurity Fix(es):\n\n * BDU:2017-02604: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * BDU:2017-02605: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, вызванная переполнением буфера в динамической памяти, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * BDU:2017-02606: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, вызванная переполнением буфера в динамической памяти, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * CVE-2017-15953: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.\n\n * CVE-2017-15954: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.\n\n * CVE-2017-15955: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an \"Access violation near NULL on destination operand\" and crash when processing a malformed CUE (.cue) file.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": [
{
"ID": "BDU:2017-02604",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2017-02604",
"Impact": "Low",
"Public": "20170909"
},
{
"ID": "BDU:2017-02605",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-02605",
"Impact": "Low",
"Public": "20170909"
},
{
"ID": "BDU:2017-02606",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-02606",
"Impact": "Low",
"Public": "20170909"
}
],
"CVEs": [
{
"ID": "CVE-2017-15953",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15953",
"Impact": "Low",
"Public": "20171028"
},
{
"ID": "CVE-2017-15954",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15954",
"Impact": "Low",
"Public": "20171028"
},
{
"ID": "CVE-2017-15955",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15955",
"Impact": "Low",
"Public": "20171028"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411166001",
"Comment": "bchunk is earlier than 0:1.2.2-alt1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-11166/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411166001",
"Version": "1",
"Comment": "bchunk is installed",
"Name": "bchunk"
}
]
}

23
oval/c9f2/ALT-PU-2024-11166/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411166001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.2.2-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.2.2-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-11166/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411166001",
"Version": "1",
"Check": "all",
"Comment": "bchunk is earlier than 0:1.2.2-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411166001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411166001"
}
}
]
}

214
oval/p10/ALT-PU-2024-10755/definitions.json Normal file
View File

@ -0,0 +1,214 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202410755",
"Version": "oval:org.altlinux.errata:def:202410755",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-10755: package `zabbix` update to version 6.0.32-alt0.p10.2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-10755",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-10755",
"Source": "ALTPU"
}
],
"Description": "This update upgrades zabbix to version 6.0.32-alt0.p10.2. \nSecurity Fix(es):\n\n * #50854: Не хватает зависимостей php-*\n\n * #50924: Прошу обновить на новую версию 6.0.32",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "50854",
"Href": "https://bugzilla.altlinux.org/50854",
"Data": "Не хватает зависимостей php-*"
},
{
"ID": "50924",
"Href": "https://bugzilla.altlinux.org/50924",
"Data": "Прошу обновить на новую версию 6.0.32"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202410755001",
"Comment": "zabbix-agent is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755002",
"Comment": "zabbix-agent-sudo is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755003",
"Comment": "zabbix-agent2 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755004",
"Comment": "zabbix-common is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755005",
"Comment": "zabbix-common-database-mysql is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755006",
"Comment": "zabbix-common-database-pgsql is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755007",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755008",
"Comment": "zabbix-contrib is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755009",
"Comment": "zabbix-doc is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755010",
"Comment": "zabbix-java-gateway is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755011",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755012",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755013",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755014",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755015",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755016",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755017",
"Comment": "zabbix-phpfrontend-php7 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755018",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755019",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755020",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755021",
"Comment": "zabbix-proxy is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755022",
"Comment": "zabbix-proxy-common is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755023",
"Comment": "zabbix-proxy-pgsql is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755024",
"Comment": "zabbix-server-common is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755025",
"Comment": "zabbix-server-mysql is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755026",
"Comment": "zabbix-server-pgsql is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755027",
"Comment": "zabbix-source is earlier than 1:6.0.32-alt0.p10.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410755028",
"Comment": "zabbix-web-service is earlier than 1:6.0.32-alt0.p10.2"
}
]
}
]
}
}
]
}

196
oval/p10/ALT-PU-2024-10755/objects.json Normal file
View File

@ -0,0 +1,196 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202410755001",
"Version": "1",
"Comment": "zabbix-agent is installed",
"Name": "zabbix-agent"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755002",
"Version": "1",
"Comment": "zabbix-agent-sudo is installed",
"Name": "zabbix-agent-sudo"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755003",
"Version": "1",
"Comment": "zabbix-agent2 is installed",
"Name": "zabbix-agent2"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755004",
"Version": "1",
"Comment": "zabbix-common is installed",
"Name": "zabbix-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755005",
"Version": "1",
"Comment": "zabbix-common-database-mysql is installed",
"Name": "zabbix-common-database-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755006",
"Version": "1",
"Comment": "zabbix-common-database-pgsql is installed",
"Name": "zabbix-common-database-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755007",
"Version": "1",
"Comment": "zabbix-common-database-sqlite3 is installed",
"Name": "zabbix-common-database-sqlite3"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755008",
"Version": "1",
"Comment": "zabbix-contrib is installed",
"Name": "zabbix-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755009",
"Version": "1",
"Comment": "zabbix-doc is installed",
"Name": "zabbix-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755010",
"Version": "1",
"Comment": "zabbix-java-gateway is installed",
"Name": "zabbix-java-gateway"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755011",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2 is installed",
"Name": "zabbix-phpfrontend-apache2"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755012",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php7"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755013",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755014",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755015",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755016",
"Version": "1",
"Comment": "zabbix-phpfrontend-engine is installed",
"Name": "zabbix-phpfrontend-engine"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755017",
"Version": "1",
"Comment": "zabbix-phpfrontend-php7 is installed",
"Name": "zabbix-phpfrontend-php7"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755018",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.0 is installed",
"Name": "zabbix-phpfrontend-php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755019",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.1 is installed",
"Name": "zabbix-phpfrontend-php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755020",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.2 is installed",
"Name": "zabbix-phpfrontend-php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755021",
"Version": "1",
"Comment": "zabbix-proxy is installed",
"Name": "zabbix-proxy"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755022",
"Version": "1",
"Comment": "zabbix-proxy-common is installed",
"Name": "zabbix-proxy-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755023",
"Version": "1",
"Comment": "zabbix-proxy-pgsql is installed",
"Name": "zabbix-proxy-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755024",
"Version": "1",
"Comment": "zabbix-server-common is installed",
"Name": "zabbix-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755025",
"Version": "1",
"Comment": "zabbix-server-mysql is installed",
"Name": "zabbix-server-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755026",
"Version": "1",
"Comment": "zabbix-server-pgsql is installed",
"Name": "zabbix-server-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755027",
"Version": "1",
"Comment": "zabbix-source is installed",
"Name": "zabbix-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202410755028",
"Version": "1",
"Comment": "zabbix-web-service is installed",
"Name": "zabbix-web-service"
}
]
}

23
oval/p10/ALT-PU-2024-10755/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202410755001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.0.32-alt0.p10.2",
"Arch": {},
"EVR": {
"Text": "1:6.0.32-alt0.p10.2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

354
oval/p10/ALT-PU-2024-10755/tests.json Normal file
View File

@ -0,0 +1,354 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202410755001",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755002",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent-sudo is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755003",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent2 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755004",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755005",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-mysql is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755006",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-pgsql is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755007",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755008",
"Version": "1",
"Check": "all",
"Comment": "zabbix-contrib is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755009",
"Version": "1",
"Check": "all",
"Comment": "zabbix-doc is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755010",
"Version": "1",
"Check": "all",
"Comment": "zabbix-java-gateway is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755011",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755012",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755013",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755014",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755015",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755016",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755017",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php7 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755018",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755019",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755020",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755021",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755022",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-common is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755023",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-pgsql is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755024",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-common is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755025",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-mysql is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755026",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-pgsql is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755026"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755027",
"Version": "1",
"Check": "all",
"Comment": "zabbix-source is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755027"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410755028",
"Version": "1",
"Check": "all",
"Comment": "zabbix-web-service is earlier than 1:6.0.32-alt0.p10.2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410755028"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410755001"
}
}
]
}

277
oval/p9/ALT-PU-2024-10871/definitions.json Normal file
View File

@ -0,0 +1,277 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202410871",
"Version": "oval:org.altlinux.errata:def:202410871",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-10871: package `ffmpeg` update to version 4.3.8-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-10871",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-10871",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-02925",
"RefURL": "https://bdu.fstec.ru/vul/2023-02925",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03348",
"RefURL": "https://bdu.fstec.ru/vul/2023-03348",
"Source": "BDU"
},
{
"RefID": "BDU:2024-00245",
"RefURL": "https://bdu.fstec.ru/vul/2024-00245",
"Source": "BDU"
},
{
"RefID": "CVE-2022-3341",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-3341",
"Source": "CVE"
},
{
"RefID": "CVE-2022-48434",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-48434",
"Source": "CVE"
},
{
"RefID": "CVE-2023-47342",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-47342",
"Source": "CVE"
},
{
"RefID": "CVE-2024-7055",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7055",
"Source": "CVE"
}
],
"Description": "This update upgrades ffmpeg to version 4.3.8-alt1. \nSecurity Fix(es):\n\n * BDU:2023-02925: Уязвимость компонента libavcodec/pthread_frame.c мультимедийной библиотеки FFmpeg, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03348: Уязвимость функции decode_main_header() (libavformat/nutdec.c) мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-00245: Уязвимость мультимедийной библиотеки FFmpeg, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привелегии\n\n * CVE-2022-3341: A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash.\n\n * CVE-2022-48434: libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).\n\n * CVE-2023-47342: description unavailable\n\n * CVE-2024-7055: A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-19"
},
"Updated": {
"Date": "2024-08-19"
},
"BDUs": [
{
"ID": "BDU:2023-02925",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-02925",
"Impact": "High",
"Public": "20220902"
},
{
"ID": "BDU:2023-03348",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2023-03348",
"Impact": "Low",
"Public": "20220722"
},
{
"ID": "BDU:2024-00245",
"CVSS": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"CVSS3": "AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-269",
"Href": "https://bdu.fstec.ru/vul/2024-00245",
"Impact": "Low",
"Public": "20231106"
}
],
"CVEs": [
{
"ID": "CVE-2022-3341",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-3341",
"Impact": "Low",
"Public": "20230112"
},
{
"ID": "CVE-2022-48434",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-48434",
"Impact": "High",
"Public": "20230329"
},
{
"ID": "CVE-2024-7055",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7055",
"Impact": "None",
"Public": "20240806"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202410871001",
"Comment": "ffmpeg is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871002",
"Comment": "ffmpeg-doc is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871003",
"Comment": "ffplay is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871004",
"Comment": "ffplay-doc is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871005",
"Comment": "ffprobe is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871006",
"Comment": "ffprobe-doc is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871007",
"Comment": "ffserver-doc is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871008",
"Comment": "libavcodec-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871009",
"Comment": "libavcodec58 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871010",
"Comment": "libavdevice-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871011",
"Comment": "libavdevice58 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871012",
"Comment": "libavfilter-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871013",
"Comment": "libavfilter7 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871014",
"Comment": "libavformat-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871015",
"Comment": "libavformat58 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871016",
"Comment": "libavresample-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871017",
"Comment": "libavresample4 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871018",
"Comment": "libavutil-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871019",
"Comment": "libavutil56 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871020",
"Comment": "libpostproc-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871021",
"Comment": "libpostproc55 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871022",
"Comment": "libswresample-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871023",
"Comment": "libswresample3 is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871024",
"Comment": "libswscale-devel is earlier than 2:4.3.8-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202410871025",
"Comment": "libswscale5 is earlier than 2:4.3.8-alt1"
}
]
}
]
}
}
]
}

178
oval/p9/ALT-PU-2024-10871/objects.json Normal file
View File

@ -0,0 +1,178 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:1001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202410871001",
"Version": "1",
"Comment": "ffmpeg is installed",
"Name": "ffmpeg"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871002",
"Version": "1",
"Comment": "ffmpeg-doc is installed",
"Name": "ffmpeg-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871003",
"Version": "1",
"Comment": "ffplay is installed",
"Name": "ffplay"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871004",
"Version": "1",
"Comment": "ffplay-doc is installed",
"Name": "ffplay-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871005",
"Version": "1",
"Comment": "ffprobe is installed",
"Name": "ffprobe"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871006",
"Version": "1",
"Comment": "ffprobe-doc is installed",
"Name": "ffprobe-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871007",
"Version": "1",
"Comment": "ffserver-doc is installed",
"Name": "ffserver-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871008",
"Version": "1",
"Comment": "libavcodec-devel is installed",
"Name": "libavcodec-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871009",
"Version": "1",
"Comment": "libavcodec58 is installed",
"Name": "libavcodec58"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871010",
"Version": "1",
"Comment": "libavdevice-devel is installed",
"Name": "libavdevice-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871011",
"Version": "1",
"Comment": "libavdevice58 is installed",
"Name": "libavdevice58"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871012",
"Version": "1",
"Comment": "libavfilter-devel is installed",
"Name": "libavfilter-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871013",
"Version": "1",
"Comment": "libavfilter7 is installed",
"Name": "libavfilter7"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871014",
"Version": "1",
"Comment": "libavformat-devel is installed",
"Name": "libavformat-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871015",
"Version": "1",
"Comment": "libavformat58 is installed",
"Name": "libavformat58"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871016",
"Version": "1",
"Comment": "libavresample-devel is installed",
"Name": "libavresample-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871017",
"Version": "1",
"Comment": "libavresample4 is installed",
"Name": "libavresample4"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871018",
"Version": "1",
"Comment": "libavutil-devel is installed",
"Name": "libavutil-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871019",
"Version": "1",
"Comment": "libavutil56 is installed",
"Name": "libavutil56"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871020",
"Version": "1",
"Comment": "libpostproc-devel is installed",
"Name": "libpostproc-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871021",
"Version": "1",
"Comment": "libpostproc55 is installed",
"Name": "libpostproc55"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871022",
"Version": "1",
"Comment": "libswresample-devel is installed",
"Name": "libswresample-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871023",
"Version": "1",
"Comment": "libswresample3 is installed",
"Name": "libswresample3"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871024",
"Version": "1",
"Comment": "libswscale-devel is installed",
"Name": "libswscale-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202410871025",
"Version": "1",
"Comment": "libswscale5 is installed",
"Name": "libswscale5"
}
]
}

23
oval/p9/ALT-PU-2024-10871/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:1001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202410871001",
"Version": "1",
"Comment": "package EVR is earlier than 2:4.3.8-alt1",
"Arch": {},
"EVR": {
"Text": "2:4.3.8-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

318
oval/p9/ALT-PU-2024-10871/tests.json Normal file
View File

@ -0,0 +1,318 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:1001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p9' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:1001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:1001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202410871001",
"Version": "1",
"Check": "all",
"Comment": "ffmpeg is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871002",
"Version": "1",
"Check": "all",
"Comment": "ffmpeg-doc is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871003",
"Version": "1",
"Check": "all",
"Comment": "ffplay is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871004",
"Version": "1",
"Check": "all",
"Comment": "ffplay-doc is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871005",
"Version": "1",
"Check": "all",
"Comment": "ffprobe is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871006",
"Version": "1",
"Check": "all",
"Comment": "ffprobe-doc is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871007",
"Version": "1",
"Check": "all",
"Comment": "ffserver-doc is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871008",
"Version": "1",
"Check": "all",
"Comment": "libavcodec-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871009",
"Version": "1",
"Check": "all",
"Comment": "libavcodec58 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871010",
"Version": "1",
"Check": "all",
"Comment": "libavdevice-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871011",
"Version": "1",
"Check": "all",
"Comment": "libavdevice58 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871012",
"Version": "1",
"Check": "all",
"Comment": "libavfilter-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871013",
"Version": "1",
"Check": "all",
"Comment": "libavfilter7 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871014",
"Version": "1",
"Check": "all",
"Comment": "libavformat-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871015",
"Version": "1",
"Check": "all",
"Comment": "libavformat58 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871016",
"Version": "1",
"Check": "all",
"Comment": "libavresample-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871017",
"Version": "1",
"Check": "all",
"Comment": "libavresample4 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871018",
"Version": "1",
"Check": "all",
"Comment": "libavutil-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871019",
"Version": "1",
"Check": "all",
"Comment": "libavutil56 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871020",
"Version": "1",
"Check": "all",
"Comment": "libpostproc-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871021",
"Version": "1",
"Check": "all",
"Comment": "libpostproc55 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871022",
"Version": "1",
"Check": "all",
"Comment": "libswresample-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871023",
"Version": "1",
"Check": "all",
"Comment": "libswresample3 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871024",
"Version": "1",
"Check": "all",
"Comment": "libswscale-devel is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202410871025",
"Version": "1",
"Check": "all",
"Comment": "libswscale5 is earlier than 2:4.3.8-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202410871025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202410871001"
}
}
]
}