From 912b27fb15f2cc04b350e85b636baddec922d20c Mon Sep 17 00:00:00 2001 From: pepelyaevip Date: Tue, 24 Sep 2024 03:04:57 +0000 Subject: [PATCH] ALT Vulnerability --- oval/c10f1/ALT-PU-2024-12484/definitions.json | 668 ++++++++++++++++++ oval/c10f1/ALT-PU-2024-12484/objects.json | 280 ++++++++ oval/c10f1/ALT-PU-2024-12484/states.json | 23 + oval/c10f1/ALT-PU-2024-12484/tests.json | 522 ++++++++++++++ oval/c10f1/ALT-PU-2024-12486/definitions.json | 112 +++ oval/c10f1/ALT-PU-2024-12486/objects.json | 34 + oval/c10f1/ALT-PU-2024-12486/states.json | 23 + oval/c10f1/ALT-PU-2024-12486/tests.json | 30 + oval/c10f1/ALT-PU-2024-12487/definitions.json | 224 ++++++ oval/c10f1/ALT-PU-2024-12487/objects.json | 220 ++++++ oval/c10f1/ALT-PU-2024-12487/states.json | 23 + oval/c10f1/ALT-PU-2024-12487/tests.json | 402 +++++++++++ oval/c10f1/ALT-PU-2024-12488/definitions.json | 172 +++++ oval/c10f1/ALT-PU-2024-12488/objects.json | 34 + oval/c10f1/ALT-PU-2024-12488/states.json | 23 + oval/c10f1/ALT-PU-2024-12488/tests.json | 30 + oval/c10f1/ALT-PU-2024-12489/definitions.json | 121 ++++ oval/c10f1/ALT-PU-2024-12489/objects.json | 40 ++ oval/c10f1/ALT-PU-2024-12489/states.json | 23 + oval/c10f1/ALT-PU-2024-12489/tests.json | 42 ++ oval/c10f1/ALT-PU-2024-12802/definitions.json | 199 ++++++ oval/c10f1/ALT-PU-2024-12802/objects.json | 178 +++++ oval/c10f1/ALT-PU-2024-12802/states.json | 23 + oval/c10f1/ALT-PU-2024-12802/tests.json | 318 +++++++++ oval/c10f1/ALT-PU-2024-12935/definitions.json | 89 +++ oval/c10f1/ALT-PU-2024-12935/objects.json | 40 ++ oval/c10f1/ALT-PU-2024-12935/states.json | 23 + oval/c10f1/ALT-PU-2024-12935/tests.json | 42 ++ oval/p10/ALT-PU-2024-12348/definitions.json | 101 +++ oval/p10/ALT-PU-2024-12348/objects.json | 34 + oval/p10/ALT-PU-2024-12348/states.json | 23 + oval/p10/ALT-PU-2024-12348/tests.json | 30 + oval/p10/ALT-PU-2024-12626/definitions.json | 126 ++++ oval/p10/ALT-PU-2024-12626/objects.json | 40 ++ oval/p10/ALT-PU-2024-12626/states.json | 23 + oval/p10/ALT-PU-2024-12626/tests.json | 42 ++ 36 files changed, 4377 insertions(+) create mode 100644 oval/c10f1/ALT-PU-2024-12484/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12484/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12484/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12484/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12486/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12486/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12486/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12486/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12487/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12487/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12487/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12487/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12488/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12488/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12488/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12488/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12489/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12489/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12489/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12489/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12802/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12802/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12802/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12802/tests.json create mode 100644 oval/c10f1/ALT-PU-2024-12935/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-12935/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-12935/states.json create mode 100644 oval/c10f1/ALT-PU-2024-12935/tests.json create mode 100644 oval/p10/ALT-PU-2024-12348/definitions.json create mode 100644 oval/p10/ALT-PU-2024-12348/objects.json create mode 100644 oval/p10/ALT-PU-2024-12348/states.json create mode 100644 oval/p10/ALT-PU-2024-12348/tests.json create mode 100644 oval/p10/ALT-PU-2024-12626/definitions.json create mode 100644 oval/p10/ALT-PU-2024-12626/objects.json create mode 100644 oval/p10/ALT-PU-2024-12626/states.json create mode 100644 oval/p10/ALT-PU-2024-12626/tests.json diff --git a/oval/c10f1/ALT-PU-2024-12484/definitions.json b/oval/c10f1/ALT-PU-2024-12484/definitions.json new file mode 100644 index 0000000000..00c1d66ec0 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12484/definitions.json @@ -0,0 +1,668 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412484", + "Version": "oval:org.altlinux.errata:def:202412484", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12484: package `samba` update to version 4.19.7-alt4", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12484", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12484", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2020-00692", + "RefURL": "https://bdu.fstec.ru/vul/2020-00692", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-02011", + "RefURL": "https://bdu.fstec.ru/vul/2023-02011", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-02012", + "RefURL": "https://bdu.fstec.ru/vul/2023-02012", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-02013", + "RefURL": "https://bdu.fstec.ru/vul/2023-02013", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-03963", + "RefURL": "https://bdu.fstec.ru/vul/2023-03963", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-04385", + "RefURL": "https://bdu.fstec.ru/vul/2023-04385", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-06939", + "RefURL": "https://bdu.fstec.ru/vul/2023-06939", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-06940", + "RefURL": "https://bdu.fstec.ru/vul/2023-06940", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-06941", + "RefURL": "https://bdu.fstec.ru/vul/2023-06941", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-06942", + "RefURL": "https://bdu.fstec.ru/vul/2023-06942", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-07174", + "RefURL": "https://bdu.fstec.ru/vul/2023-07174", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-07419", + "RefURL": "https://bdu.fstec.ru/vul/2023-07419", + "Source": "BDU" + }, + { + "RefID": "BDU:2023-09107", + "RefURL": "https://bdu.fstec.ru/vul/2023-09107", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-01904", + "RefURL": "https://bdu.fstec.ru/vul/2024-01904", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-06935", + "RefURL": "https://bdu.fstec.ru/vul/2024-06935", + "Source": "BDU" + }, + { + "RefID": "CVE-2018-10919", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-10919", + "Source": "CVE" + }, + { + "RefID": "CVE-2018-14628", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-14628", + "Source": "CVE" + }, + { + "RefID": "CVE-2020-25720", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-25720", + "Source": "CVE" + }, + { + "RefID": "CVE-2022-2127", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2127", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-0225", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-0225", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-0614", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-0614", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-0922", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-0922", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-3347", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3347", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-34966", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34966", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-34967", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34967", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-34968", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-34968", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-3961", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3961", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-4091", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-4091", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-4154", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-4154", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-42669", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-42669", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-42670", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-42670", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-5568", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-5568", + "Source": "CVE" + } + ], + "Description": "This update upgrades samba to version 4.19.7-alt4. \nSecurity Fix(es):\n\n * BDU:2020-00692: Уязвимость компонента Active Directory LDAP-сервера программ сетевого взаимодействия Samba, позволяющая нарушителю получить несанкционированный доступ к конфиденциальным данным\n\n * BDU:2023-02011: Уязвимость утилиты samba-tool пакета программ сетевого взаимодействия Samba, позволяющая нарушителю получить несанкционированный доступ к устройству\n\n * BDU:2023-02012: Уязвимость пакета программ сетевого взаимодействия Samba, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-02013: Уязвимость LDAP-сервера пакета программ сетевого взаимодействия Samba, позволяющая нарушителю удалить атрибут DNS-Host-Name из любого объекта в каталоге\n\n * BDU:2023-03963: Уязвимость компонента winbindd_pam_auth_crap.c пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-04385: Уязвимость функции sl_unpack_loop() службы mdssvc RPC пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-06939: Уязвимость RPC-сервера пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-06940: Уязвимость функции dcesrv_echo_TestSleep() RPC-сервера rpcecho пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-06941: Уязвимость модуля VFS пакета программ сетевого взаимодействия Samba, позволяющая нарушителю получить доступ на чтение, изменение или удаление файлов\n\n * BDU:2023-06942: Уязвимость механизма синхронизации катологов DirSync пакета программ сетевого взаимодействия Samba, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и повысить свои привилегии\n\n * BDU:2023-07174: Уязвимость библиотеки smbd пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-07419: Уязвимость пакета программ сетевого взаимодействия Samba, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-09107: Уязвимость функции dalloc_value_for_key() пакета программ сетевого взаимодействия Samba, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-01904: Уязвимость механизма подписи пакетов SMB2 пакета программ сетевого взаимодействия Samba, позволяющая нарушителю реализовать атаку типа «человек посередине»\n\n * BDU:2024-06935: Уязвимость пакета программ сетевого взаимодействия Samba, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * CVE-2018-10919: The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.\n\n * CVE-2018-14628: An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.\n\n * CVE-2020-25720: description unavailable\n\n * CVE-2022-2127: An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manager response length. When Winbind is used for NTLM authentication, a maliciously crafted request can trigger an out-of-bounds read in Winbind, possibly resulting in a crash.\n\n * CVE-2023-0225: A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.\n\n * CVE-2023-0614: The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.\n\n * CVE-2023-0922: The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection.\n\n * CVE-2023-3347: A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured \"server signing = required\" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data.\n\n * CVE-2023-34966: An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.\n\n * CVE-2023-34967: A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol. Due to a lack of type checking in callers of the dalloc_value_for_key() function, which returns the object associated with a key, a caller may trigger a crash in talloc_get_size() when talloc detects that the passed-in pointer is not a valid talloc pointer. With an RPC worker process shared among multiple client connections, a malicious client or attacker can trigger a process crash in a shared RPC mdssvc worker process, affecting all other clients this worker serves.\n\n * CVE-2023-34968: A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.\n\n * CVE-2023-3961: A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services like SAMR LSA or SPOOLSS, which Samba initiates on demand. However, due to inadequate sanitization of incoming client pipe names, allowing a client to send a pipe name containing Unix directory traversal characters (../). This could result in SMB clients connecting as root to Unix domain sockets outside the private directory. If an attacker or client managed to send a pipe name resolving to an external service using an existing Unix domain socket, it could potentially lead to unauthorized access to the service and consequential adverse events, including compromise or service crashes.\n\n * CVE-2023-4091: A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module \"acl_xattr\" is configured with \"acl_xattr:ignore system acls = yes\". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions.\n\n * CVE-2023-4154: A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.\n\n * CVE-2023-42669: A vulnerability was found in Samba's \"rpcecho\" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the \"rpcecho\" service operates with only one worker in the main RPC task, allowing calls to the \"rpcecho\" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a \"sleep()\" call in the \"dcesrv_echo_TestSleep()\" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the \"rpcecho\" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as \"rpcecho\" runs in the main RPC task.\n\n * CVE-2023-42670: A flaw was found in Samba. It is susceptible to a vulnerability where multiple incompatible RPC listeners can be initiated, causing disruptions in the AD DC service. When Samba's RPC server experiences a high load or unresponsiveness, servers intended for non-AD DC purposes (for example, NT4-emulation \"classic DCs\") can erroneously start and compete for the same unix domain sockets. This issue leads to partial query responses from the AD DC, causing issues such as \"The procedure number is out of range\" when using tools like Active Directory Users. This flaw allows an attacker to disrupt AD DC services.\n\n * CVE-2023-5568: A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.\n\n * #44214: Missing dependency for include", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Critical", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": [ + { + "ID": "BDU:2020-00692", + "CVSS": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-200", + "Href": "https://bdu.fstec.ru/vul/2020-00692", + "Impact": "Low", + "Public": "20180822" + }, + { + "ID": "BDU:2023-02011", + "CVSS": "AV:N/AC:H/Au:N/C:C/I:P/A:N", + "CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", + "CWE": "CWE-319", + "Href": "https://bdu.fstec.ru/vul/2023-02011", + "Impact": "Low", + "Public": "20230329" + }, + { + "ID": "BDU:2023-02012", + "CVSS": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "CWE": "CWE-200", + "Href": "https://bdu.fstec.ru/vul/2023-02012", + "Impact": "Low", + "Public": "20230329" + }, + { + "ID": "BDU:2023-02013", + "CVSS": "AV:N/AC:L/Au:S/C:N/I:P/A:P", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "CWE": "CWE-732", + "Href": "https://bdu.fstec.ru/vul/2023-02013", + "Impact": "Low", + "Public": "20230329" + }, + { + "ID": "BDU:2023-03963", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-125", + "Href": "https://bdu.fstec.ru/vul/2023-03963", + "Impact": "High", + "Public": "20230720" + }, + { + "ID": "BDU:2023-04385", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-835", + "Href": "https://bdu.fstec.ru/vul/2023-04385", + "Impact": "High", + "Public": "20230720" + }, + { + "ID": "BDU:2023-06939", + "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-404", + "Href": "https://bdu.fstec.ru/vul/2023-06939", + "Impact": "Low", + "Public": "20231010" + }, + { + "ID": "BDU:2023-06940", + "CVSS": "AV:N/AC:L/Au:S/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-404", + "Href": "https://bdu.fstec.ru/vul/2023-06940", + "Impact": "Low", + "Public": "20230912" + }, + { + "ID": "BDU:2023-06941", + "CVSS": "AV:N/AC:M/Au:N/C:N/I:C/A:N", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "CWE": "CWE-264, CWE-275, CWE-284", + "Href": "https://bdu.fstec.ru/vul/2023-06941", + "Impact": "Low", + "Public": "20230802" + }, + { + "ID": "BDU:2023-06942", + "CVSS": "AV:N/AC:H/Au:S/C:C/I:C/A:C", + "CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "CWE": "CWE-200", + "Href": "https://bdu.fstec.ru/vul/2023-06942", + "Impact": "High", + "Public": "20231003" + }, + { + "ID": "BDU:2023-07174", + "CVSS": "AV:N/AC:H/Au:N/C:N/I:C/A:P", + "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L", + "CWE": "CWE-22", + "Href": "https://bdu.fstec.ru/vul/2023-07174", + "Impact": "Low", + "Public": "20231010" + }, + { + "ID": "BDU:2023-07419", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-122", + "Href": "https://bdu.fstec.ru/vul/2023-07419", + "Impact": "Low", + "Public": "20231016" + }, + { + "ID": "BDU:2023-09107", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "CWE": "CWE-843", + "Href": "https://bdu.fstec.ru/vul/2023-09107", + "Impact": "Low", + "Public": "20230717" + }, + { + "ID": "BDU:2024-01904", + "CVSS": "AV:N/AC:H/Au:N/C:N/I:C/A:N", + "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", + "CWE": "CWE-345", + "Href": "https://bdu.fstec.ru/vul/2024-01904", + "Impact": "Low", + "Public": "20230720" + }, + { + "ID": "BDU:2024-06935", + "CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "CWE": "CWE-200", + "Href": "https://bdu.fstec.ru/vul/2024-06935", + "Impact": "Low", + "Public": "20230713" + } + ], + "CVEs": [ + { + "ID": "CVE-2018-10919", + "CVSS": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-200", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-10919", + "Impact": "Low", + "Public": "20180822" + }, + { + "ID": "CVE-2018-14628", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "CWE": "CWE-862", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-14628", + "Impact": "Low", + "Public": "20230117" + }, + { + "ID": "CVE-2022-2127", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-125", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2127", + "Impact": "Low", + "Public": "20230720" + }, + { + "ID": "CVE-2023-0225", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "CWE": "CWE-732", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-0225", + "Impact": "Low", + "Public": "20230403" + }, + { + "ID": "CVE-2023-0614", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-312", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-0614", + "Impact": "Low", + "Public": "20230403" + }, + { + "ID": "CVE-2023-0922", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-319", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-0922", + "Impact": "Low", + "Public": "20230403" + }, + { + "ID": "CVE-2023-3347", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3347", + "Impact": "Low", + "Public": "20230720" + }, + { + "ID": "CVE-2023-34966", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-835", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34966", + "Impact": "High", + "Public": "20230720" + }, + { + "ID": "CVE-2023-34967", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "CWE": "CWE-843", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34967", + "Impact": "Low", + "Public": "20230720" + }, + { + "ID": "CVE-2023-34968", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-34968", + "Impact": "Low", + "Public": "20230720" + }, + { + "ID": "CVE-2023-3961", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "CWE": "CWE-22", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3961", + "Impact": "Critical", + "Public": "20231103" + }, + { + "ID": "CVE-2023-4091", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "CWE": "CWE-276", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-4091", + "Impact": "Low", + "Public": "20231103" + }, + { + "ID": "CVE-2023-4154", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-787", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-4154", + "Impact": "Low", + "Public": "20231107" + }, + { + "ID": "CVE-2023-42669", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-42669", + "Impact": "Low", + "Public": "20231106" + }, + { + "ID": "CVE-2023-42670", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-42670", + "Impact": "Low", + "Public": "20231103" + }, + { + "ID": "CVE-2023-5568", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-787", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-5568", + "Impact": "Low", + "Public": "20231025" + } + ], + "Bugzilla": [ + { + "ID": "44214", + "Href": "https://bugzilla.altlinux.org/44214", + "Data": "Missing dependency for include" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412484001", + "Comment": "admx-samba is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484002", + "Comment": "libldb-modules-ldap is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484003", + "Comment": "libsmbclient is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484004", + "Comment": "libsmbclient-devel is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484005", + "Comment": "libwbclient is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484006", + "Comment": "libwbclient-devel is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484007", + "Comment": "python3-module-samba is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484008", + "Comment": "python3-module-samba-devel is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484009", + "Comment": "samba is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484010", + "Comment": "samba-client is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484011", + "Comment": "samba-common is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484012", + "Comment": "samba-common-client is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484013", + "Comment": "samba-common-libs is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484014", + "Comment": "samba-common-tools is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484015", + "Comment": "samba-ctdb is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484016", + "Comment": "samba-ctdb-ceph-mutex is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484017", + "Comment": "samba-ctdb-etcd-mutex is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484018", + "Comment": "samba-dc is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484019", + "Comment": "samba-dc-client is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484020", + "Comment": "samba-dc-common is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484021", + "Comment": "samba-dc-libs is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484022", + "Comment": "samba-dc-mitkrb5 is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484023", + "Comment": "samba-dcerpc is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484024", + "Comment": "samba-devel is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484025", + "Comment": "samba-doc is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484026", + "Comment": "samba-gpupdate is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484027", + "Comment": "samba-krb5-printing is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484028", + "Comment": "samba-libs is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484029", + "Comment": "samba-pidl is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484030", + "Comment": "samba-test is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484031", + "Comment": "samba-usershares is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484032", + "Comment": "samba-util-private-headers is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484033", + "Comment": "samba-vfs-cephfs is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484034", + "Comment": "samba-vfs-glusterfs is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484035", + "Comment": "samba-vfs-snapper is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484036", + "Comment": "samba-winbind is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484037", + "Comment": "samba-winbind-clients is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484038", + "Comment": "samba-winbind-common is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484039", + "Comment": "samba-winbind-krb5-localauth is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484040", + "Comment": "samba-winbind-krb5-locator is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484041", + "Comment": "task-samba-dc is earlier than 0:4.19.7-alt4" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412484042", + "Comment": "task-samba-dc-mitkrb5 is earlier than 0:4.19.7-alt4" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12484/objects.json b/oval/c10f1/ALT-PU-2024-12484/objects.json new file mode 100644 index 0000000000..5f5127d901 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12484/objects.json @@ -0,0 +1,280 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412484001", + "Version": "1", + "Comment": "admx-samba is installed", + "Name": "admx-samba" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484002", + "Version": "1", + "Comment": "libldb-modules-ldap is installed", + "Name": "libldb-modules-ldap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484003", + "Version": "1", + "Comment": "libsmbclient is installed", + "Name": "libsmbclient" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484004", + "Version": "1", + "Comment": "libsmbclient-devel is installed", + "Name": "libsmbclient-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484005", + "Version": "1", + "Comment": "libwbclient is installed", + "Name": "libwbclient" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484006", + "Version": "1", + "Comment": "libwbclient-devel is installed", + "Name": "libwbclient-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484007", + "Version": "1", + "Comment": "python3-module-samba is installed", + "Name": "python3-module-samba" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484008", + "Version": "1", + "Comment": "python3-module-samba-devel is installed", + "Name": "python3-module-samba-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484009", + "Version": "1", + "Comment": "samba is installed", + "Name": "samba" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484010", + "Version": "1", + "Comment": "samba-client is installed", + "Name": "samba-client" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484011", + "Version": "1", + "Comment": "samba-common is installed", + "Name": "samba-common" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484012", + "Version": "1", + "Comment": "samba-common-client is installed", + "Name": "samba-common-client" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484013", + "Version": "1", + "Comment": "samba-common-libs is installed", + "Name": "samba-common-libs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484014", + "Version": "1", + "Comment": "samba-common-tools is installed", + "Name": "samba-common-tools" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484015", + "Version": "1", + "Comment": "samba-ctdb is installed", + "Name": "samba-ctdb" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484016", + "Version": "1", + "Comment": "samba-ctdb-ceph-mutex is installed", + "Name": "samba-ctdb-ceph-mutex" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484017", + "Version": "1", + "Comment": "samba-ctdb-etcd-mutex is installed", + "Name": "samba-ctdb-etcd-mutex" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484018", + "Version": "1", + "Comment": "samba-dc is installed", + "Name": "samba-dc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484019", + "Version": "1", + "Comment": "samba-dc-client is installed", + "Name": "samba-dc-client" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484020", + "Version": "1", + "Comment": "samba-dc-common is installed", + "Name": "samba-dc-common" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484021", + "Version": "1", + "Comment": "samba-dc-libs is installed", + "Name": "samba-dc-libs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484022", + "Version": "1", + "Comment": "samba-dc-mitkrb5 is installed", + "Name": "samba-dc-mitkrb5" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484023", + "Version": "1", + "Comment": "samba-dcerpc is installed", + "Name": "samba-dcerpc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484024", + "Version": "1", + "Comment": "samba-devel is installed", + "Name": "samba-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484025", + "Version": "1", + "Comment": "samba-doc is installed", + "Name": "samba-doc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484026", + "Version": "1", + "Comment": "samba-gpupdate is installed", + "Name": "samba-gpupdate" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484027", + "Version": "1", + "Comment": "samba-krb5-printing is installed", + "Name": "samba-krb5-printing" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484028", + "Version": "1", + "Comment": "samba-libs is installed", + "Name": "samba-libs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484029", + "Version": "1", + "Comment": "samba-pidl is installed", + "Name": "samba-pidl" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484030", + "Version": "1", + "Comment": "samba-test is installed", + "Name": "samba-test" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484031", + "Version": "1", + "Comment": "samba-usershares is installed", + "Name": "samba-usershares" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484032", + "Version": "1", + "Comment": "samba-util-private-headers is installed", + "Name": "samba-util-private-headers" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484033", + "Version": "1", + "Comment": "samba-vfs-cephfs is installed", + "Name": "samba-vfs-cephfs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484034", + "Version": "1", + "Comment": "samba-vfs-glusterfs is installed", + "Name": "samba-vfs-glusterfs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484035", + "Version": "1", + "Comment": "samba-vfs-snapper is installed", + "Name": "samba-vfs-snapper" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484036", + "Version": "1", + "Comment": "samba-winbind is installed", + "Name": "samba-winbind" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484037", + "Version": "1", + "Comment": "samba-winbind-clients is installed", + "Name": "samba-winbind-clients" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484038", + "Version": "1", + "Comment": "samba-winbind-common is installed", + "Name": "samba-winbind-common" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484039", + "Version": "1", + "Comment": "samba-winbind-krb5-localauth is installed", + "Name": "samba-winbind-krb5-localauth" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484040", + "Version": "1", + "Comment": "samba-winbind-krb5-locator is installed", + "Name": "samba-winbind-krb5-locator" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484041", + "Version": "1", + "Comment": "task-samba-dc is installed", + "Name": "task-samba-dc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412484042", + "Version": "1", + "Comment": "task-samba-dc-mitkrb5 is installed", + "Name": "task-samba-dc-mitkrb5" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12484/states.json b/oval/c10f1/ALT-PU-2024-12484/states.json new file mode 100644 index 0000000000..7c1f7d40bf --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12484/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412484001", + "Version": "1", + "Comment": "package EVR is earlier than 0:4.19.7-alt4", + "Arch": {}, + "EVR": { + "Text": "0:4.19.7-alt4", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12484/tests.json b/oval/c10f1/ALT-PU-2024-12484/tests.json new file mode 100644 index 0000000000..684137d30c --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12484/tests.json @@ -0,0 +1,522 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412484001", + "Version": "1", + "Check": "all", + "Comment": "admx-samba is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484002", + "Version": "1", + "Check": "all", + "Comment": "libldb-modules-ldap is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484003", + "Version": "1", + "Check": "all", + "Comment": "libsmbclient is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484004", + "Version": "1", + "Check": "all", + "Comment": "libsmbclient-devel is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484005", + "Version": "1", + "Check": "all", + "Comment": "libwbclient is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484005" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484006", + "Version": "1", + "Check": "all", + "Comment": "libwbclient-devel is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484006" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484007", + "Version": "1", + "Check": "all", + "Comment": "python3-module-samba is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484007" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484008", + "Version": "1", + "Check": "all", + "Comment": "python3-module-samba-devel is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484008" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484009", + "Version": "1", + "Check": "all", + "Comment": "samba is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484009" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484010", + "Version": "1", + "Check": "all", + "Comment": "samba-client is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484010" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484011", + "Version": "1", + "Check": "all", + "Comment": "samba-common is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484011" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484012", + "Version": "1", + "Check": "all", + "Comment": "samba-common-client is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484012" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484013", + "Version": "1", + "Check": "all", + "Comment": "samba-common-libs is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484013" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484014", + "Version": "1", + "Check": "all", + "Comment": "samba-common-tools is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484014" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484015", + "Version": "1", + "Check": "all", + "Comment": "samba-ctdb is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484015" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484016", + "Version": "1", + "Check": "all", + "Comment": "samba-ctdb-ceph-mutex is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484016" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484017", + "Version": "1", + "Check": "all", + "Comment": "samba-ctdb-etcd-mutex is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484017" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484018", + "Version": "1", + "Check": "all", + "Comment": "samba-dc is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484018" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484019", + "Version": "1", + "Check": "all", + "Comment": "samba-dc-client is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484019" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484020", + "Version": "1", + "Check": "all", + "Comment": "samba-dc-common is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484020" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484021", + "Version": "1", + "Check": "all", + "Comment": "samba-dc-libs is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484021" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484022", + "Version": "1", + "Check": "all", + "Comment": "samba-dc-mitkrb5 is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484022" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484023", + "Version": "1", + "Check": "all", + "Comment": "samba-dcerpc is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484023" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484024", + "Version": "1", + "Check": "all", + "Comment": "samba-devel is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484024" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484025", + "Version": "1", + "Check": "all", + "Comment": "samba-doc is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484025" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484026", + "Version": "1", + "Check": "all", + "Comment": "samba-gpupdate is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484026" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484027", + "Version": "1", + "Check": "all", + "Comment": "samba-krb5-printing is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484027" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484028", + "Version": "1", + "Check": "all", + "Comment": "samba-libs is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484028" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484029", + "Version": "1", + "Check": "all", + "Comment": "samba-pidl is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484029" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484030", + "Version": "1", + "Check": "all", + "Comment": "samba-test is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484030" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484031", + "Version": "1", + "Check": "all", + "Comment": "samba-usershares is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484031" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484032", + "Version": "1", + "Check": "all", + "Comment": "samba-util-private-headers is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484032" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484033", + "Version": "1", + "Check": "all", + "Comment": "samba-vfs-cephfs is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484033" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484034", + "Version": "1", + "Check": "all", + "Comment": "samba-vfs-glusterfs is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484034" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484035", + "Version": "1", + "Check": "all", + "Comment": "samba-vfs-snapper is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484035" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484036", + "Version": "1", + "Check": "all", + "Comment": "samba-winbind is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484036" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484037", + "Version": "1", + "Check": "all", + "Comment": "samba-winbind-clients is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484037" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484038", + "Version": "1", + "Check": "all", + "Comment": "samba-winbind-common is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484038" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484039", + "Version": "1", + "Check": "all", + "Comment": "samba-winbind-krb5-localauth is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484039" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484040", + "Version": "1", + "Check": "all", + "Comment": "samba-winbind-krb5-locator is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484040" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484041", + "Version": "1", + "Check": "all", + "Comment": "task-samba-dc is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484041" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412484042", + "Version": "1", + "Check": "all", + "Comment": "task-samba-dc-mitkrb5 is earlier than 0:4.19.7-alt4", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412484042" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412484001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12486/definitions.json b/oval/c10f1/ALT-PU-2024-12486/definitions.json new file mode 100644 index 0000000000..a807c35e3b --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12486/definitions.json @@ -0,0 +1,112 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412486", + "Version": "oval:org.altlinux.errata:def:202412486", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12486: package `gpui` update to version 0.2.40-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12486", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12486", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades gpui to version 0.2.40-alt1. \nSecurity Fix(es):\n\n * #46082: Политики на основе виндовых шаблонов не сохраняют свои свойства\n\n * #46189: Ошибка сегментирования при локальном изменении политик\n\n * #46282: Отображаются не все политики из admx-chromium\n\n * #47133: Не переведён path/parameter в диалоге управления скриптами\n\n * #47136: Не работает кнопка Показать файлы\n\n * #47137: Не изменяет политику Настройка механизма копирования файлов\n\n * #47437: Список языков интерфейса выглядит одинаково в любом варианте\n\n * #47553: Компьютер/Пользователь → Настройки системы → Скрипты: Не работает кнопка \"Удалить\" при нажатии два раза подряд", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": null, + "Bugzilla": [ + { + "ID": "46082", + "Href": "https://bugzilla.altlinux.org/46082", + "Data": "Политики на основе виндовых шаблонов не сохраняют свои свойства" + }, + { + "ID": "46189", + "Href": "https://bugzilla.altlinux.org/46189", + "Data": "Ошибка сегментирования при локальном изменении политик" + }, + { + "ID": "46282", + "Href": "https://bugzilla.altlinux.org/46282", + "Data": "Отображаются не все политики из admx-chromium" + }, + { + "ID": "47133", + "Href": "https://bugzilla.altlinux.org/47133", + "Data": "Не переведён path/parameter в диалоге управления скриптами" + }, + { + "ID": "47136", + "Href": "https://bugzilla.altlinux.org/47136", + "Data": "Не работает кнопка Показать файлы" + }, + { + "ID": "47137", + "Href": "https://bugzilla.altlinux.org/47137", + "Data": "Не изменяет политику Настройка механизма копирования файлов" + }, + { + "ID": "47437", + "Href": "https://bugzilla.altlinux.org/47437", + "Data": "Список языков интерфейса выглядит одинаково в любом варианте" + }, + { + "ID": "47553", + "Href": "https://bugzilla.altlinux.org/47553", + "Data": "Компьютер/Пользователь → Настройки системы → Скрипты: Не работает кнопка \"Удалить\" при нажатии два раза подряд" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412486001", + "Comment": "gpui is earlier than 0:0.2.40-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12486/objects.json b/oval/c10f1/ALT-PU-2024-12486/objects.json new file mode 100644 index 0000000000..21209de850 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12486/objects.json @@ -0,0 +1,34 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412486001", + "Version": "1", + "Comment": "gpui is installed", + "Name": "gpui" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12486/states.json b/oval/c10f1/ALT-PU-2024-12486/states.json new file mode 100644 index 0000000000..27c47b0271 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12486/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412486001", + "Version": "1", + "Comment": "package EVR is earlier than 0:0.2.40-alt1", + "Arch": {}, + "EVR": { + "Text": "0:0.2.40-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12486/tests.json b/oval/c10f1/ALT-PU-2024-12486/tests.json new file mode 100644 index 0000000000..657120102f --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12486/tests.json @@ -0,0 +1,30 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412486001", + "Version": "1", + "Check": "all", + "Comment": "gpui is earlier than 0:0.2.40-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412486001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412486001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12487/definitions.json b/oval/c10f1/ALT-PU-2024-12487/definitions.json new file mode 100644 index 0000000000..f2fcea20d5 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12487/definitions.json @@ -0,0 +1,224 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412487", + "Version": "oval:org.altlinux.errata:def:202412487", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12487: package `sssd` update to version 2.9.4-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12487", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12487", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2023-00665", + "RefURL": "https://bdu.fstec.ru/vul/2023-00665", + "Source": "BDU" + }, + { + "RefID": "CVE-2023-0286", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "Source": "CVE" + } + ], + "Description": "This update upgrades sssd to version 2.9.4-alt1. \nSecurity Fix(es):\n\n * BDU:2023-00665: Уязвимость функции GENERAL_NAME_cmp библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-0286: There is a type confusion vulnerability relating to X.400 address processing\ninside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but\nthe public structure definition for GENERAL_NAME incorrectly specified the type\nof the x400Address field as ASN1_TYPE. This field is subsequently interpreted by\nthe OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an\nASN1_STRING.\n\nWhen CRL checking is enabled (i.e. the application sets the\nX509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass\narbitrary pointers to a memcmp call, enabling them to read memory contents or\nenact a denial of service. In most cases, the attack requires the attacker to\nprovide both the certificate chain and CRL, neither of which need to have a\nvalid signature. If the attacker only controls one of these inputs, the other\ninput must already contain an X.400 address as a CRL distribution point, which\nis uncommon. As such, this vulnerability is most likely to only affect\napplications which have implemented their own functionality for retrieving CRLs\nover a network.\n\n", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "High", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": [ + { + "ID": "BDU:2023-00665", + "CVSS": "AV:N/AC:H/Au:N/C:C/I:N/A:C", + "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", + "CWE": "CWE-704", + "Href": "https://bdu.fstec.ru/vul/2023-00665", + "Impact": "High", + "Public": "20230207" + } + ], + "CVEs": [ + { + "ID": "CVE-2023-0286", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", + "CWE": "CWE-843", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-0286", + "Impact": "High", + "Public": "20230208" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412487001", + "Comment": "libipa_hbac is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487002", + "Comment": "libipa_hbac-devel is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487003", + "Comment": "libsss_autofs is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487004", + "Comment": "libsss_certmap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487005", + "Comment": "libsss_certmap-devel is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487006", + "Comment": "libsss_idmap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487007", + "Comment": "libsss_idmap-devel is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487008", + "Comment": "libsss_nss_idmap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487009", + "Comment": "libsss_nss_idmap-devel is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487010", + "Comment": "libsss_sudo is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487011", + "Comment": "python3-module-ipa_hbac is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487012", + "Comment": "python3-module-sss is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487013", + "Comment": "python3-module-sss-murmur is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487014", + "Comment": "python3-module-sss_nss_idmap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487015", + "Comment": "python3-module-sssd is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487016", + "Comment": "python3-module-sssdconfig is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487017", + "Comment": "sssd is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487018", + "Comment": "sssd-ad is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487019", + "Comment": "sssd-client is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487020", + "Comment": "sssd-dbus is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487021", + "Comment": "sssd-idp is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487022", + "Comment": "sssd-ipa is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487023", + "Comment": "sssd-kcm is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487024", + "Comment": "sssd-krb5 is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487025", + "Comment": "sssd-krb5-common is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487026", + "Comment": "sssd-ldap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487027", + "Comment": "sssd-nfs-idmap is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487028", + "Comment": "sssd-pac is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487029", + "Comment": "sssd-passkey is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487030", + "Comment": "sssd-proxy is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487031", + "Comment": "sssd-tools is earlier than 0:2.9.4-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412487032", + "Comment": "sssd-winbind-idmap is earlier than 0:2.9.4-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12487/objects.json b/oval/c10f1/ALT-PU-2024-12487/objects.json new file mode 100644 index 0000000000..19412d6ae5 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12487/objects.json @@ -0,0 +1,220 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412487001", + "Version": "1", + "Comment": "libipa_hbac is installed", + "Name": "libipa_hbac" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487002", + "Version": "1", + "Comment": "libipa_hbac-devel is installed", + "Name": "libipa_hbac-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487003", + "Version": "1", + "Comment": "libsss_autofs is installed", + "Name": "libsss_autofs" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487004", + "Version": "1", + "Comment": "libsss_certmap is installed", + "Name": "libsss_certmap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487005", + "Version": "1", + "Comment": "libsss_certmap-devel is installed", + "Name": "libsss_certmap-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487006", + "Version": "1", + "Comment": "libsss_idmap is installed", + "Name": "libsss_idmap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487007", + "Version": "1", + "Comment": "libsss_idmap-devel is installed", + "Name": "libsss_idmap-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487008", + "Version": "1", + "Comment": "libsss_nss_idmap is installed", + "Name": "libsss_nss_idmap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487009", + "Version": "1", + "Comment": "libsss_nss_idmap-devel is installed", + "Name": "libsss_nss_idmap-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487010", + "Version": "1", + "Comment": "libsss_sudo is installed", + "Name": "libsss_sudo" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487011", + "Version": "1", + "Comment": "python3-module-ipa_hbac is installed", + "Name": "python3-module-ipa_hbac" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487012", + "Version": "1", + "Comment": "python3-module-sss is installed", + "Name": "python3-module-sss" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487013", + "Version": "1", + "Comment": "python3-module-sss-murmur is installed", + "Name": "python3-module-sss-murmur" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487014", + "Version": "1", + "Comment": "python3-module-sss_nss_idmap is installed", + "Name": "python3-module-sss_nss_idmap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487015", + "Version": "1", + "Comment": "python3-module-sssd is installed", + "Name": "python3-module-sssd" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487016", + "Version": "1", + "Comment": "python3-module-sssdconfig is installed", + "Name": "python3-module-sssdconfig" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487017", + "Version": "1", + "Comment": "sssd is installed", + "Name": "sssd" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487018", + "Version": "1", + "Comment": "sssd-ad is installed", + "Name": "sssd-ad" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487019", + "Version": "1", + "Comment": "sssd-client is installed", + "Name": "sssd-client" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487020", + "Version": "1", + "Comment": "sssd-dbus is installed", + "Name": "sssd-dbus" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487021", + "Version": "1", + "Comment": "sssd-idp is installed", + "Name": "sssd-idp" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487022", + "Version": "1", + "Comment": "sssd-ipa is installed", + "Name": "sssd-ipa" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487023", + "Version": "1", + "Comment": "sssd-kcm is installed", + "Name": "sssd-kcm" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487024", + "Version": "1", + "Comment": "sssd-krb5 is installed", + "Name": "sssd-krb5" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487025", + "Version": "1", + "Comment": "sssd-krb5-common is installed", + "Name": "sssd-krb5-common" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487026", + "Version": "1", + "Comment": "sssd-ldap is installed", + "Name": "sssd-ldap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487027", + "Version": "1", + "Comment": "sssd-nfs-idmap is installed", + "Name": "sssd-nfs-idmap" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487028", + "Version": "1", + "Comment": "sssd-pac is installed", + "Name": "sssd-pac" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487029", + "Version": "1", + "Comment": "sssd-passkey is installed", + "Name": "sssd-passkey" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487030", + "Version": "1", + "Comment": "sssd-proxy is installed", + "Name": "sssd-proxy" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487031", + "Version": "1", + "Comment": "sssd-tools is installed", + "Name": "sssd-tools" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412487032", + "Version": "1", + "Comment": "sssd-winbind-idmap is installed", + "Name": "sssd-winbind-idmap" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12487/states.json b/oval/c10f1/ALT-PU-2024-12487/states.json new file mode 100644 index 0000000000..28fcaa2250 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12487/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412487001", + "Version": "1", + "Comment": "package EVR is earlier than 0:2.9.4-alt1", + "Arch": {}, + "EVR": { + "Text": "0:2.9.4-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12487/tests.json b/oval/c10f1/ALT-PU-2024-12487/tests.json new file mode 100644 index 0000000000..de762e9db5 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12487/tests.json @@ -0,0 +1,402 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412487001", + "Version": "1", + "Check": "all", + "Comment": "libipa_hbac is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487002", + "Version": "1", + "Check": "all", + "Comment": "libipa_hbac-devel is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487003", + "Version": "1", + "Check": "all", + "Comment": "libsss_autofs is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487004", + "Version": "1", + "Check": "all", + "Comment": "libsss_certmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487005", + "Version": "1", + "Check": "all", + "Comment": "libsss_certmap-devel is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487005" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487006", + "Version": "1", + "Check": "all", + "Comment": "libsss_idmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487006" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487007", + "Version": "1", + "Check": "all", + "Comment": "libsss_idmap-devel is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487007" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487008", + "Version": "1", + "Check": "all", + "Comment": "libsss_nss_idmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487008" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487009", + "Version": "1", + "Check": "all", + "Comment": "libsss_nss_idmap-devel is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487009" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487010", + "Version": "1", + "Check": "all", + "Comment": "libsss_sudo is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487010" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487011", + "Version": "1", + "Check": "all", + "Comment": "python3-module-ipa_hbac is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487011" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487012", + "Version": "1", + "Check": "all", + "Comment": "python3-module-sss is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487012" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487013", + "Version": "1", + "Check": "all", + "Comment": "python3-module-sss-murmur is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487013" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487014", + "Version": "1", + "Check": "all", + "Comment": "python3-module-sss_nss_idmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487014" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487015", + "Version": "1", + "Check": "all", + "Comment": "python3-module-sssd is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487015" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487016", + "Version": "1", + "Check": "all", + "Comment": "python3-module-sssdconfig is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487016" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487017", + "Version": "1", + "Check": "all", + "Comment": "sssd is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487017" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487018", + "Version": "1", + "Check": "all", + "Comment": "sssd-ad is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487018" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487019", + "Version": "1", + "Check": "all", + "Comment": "sssd-client is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487019" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487020", + "Version": "1", + "Check": "all", + "Comment": "sssd-dbus is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487020" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487021", + "Version": "1", + "Check": "all", + "Comment": "sssd-idp is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487021" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487022", + "Version": "1", + "Check": "all", + "Comment": "sssd-ipa is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487022" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487023", + "Version": "1", + "Check": "all", + "Comment": "sssd-kcm is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487023" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487024", + "Version": "1", + "Check": "all", + "Comment": "sssd-krb5 is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487024" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487025", + "Version": "1", + "Check": "all", + "Comment": "sssd-krb5-common is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487025" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487026", + "Version": "1", + "Check": "all", + "Comment": "sssd-ldap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487026" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487027", + "Version": "1", + "Check": "all", + "Comment": "sssd-nfs-idmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487027" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487028", + "Version": "1", + "Check": "all", + "Comment": "sssd-pac is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487028" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487029", + "Version": "1", + "Check": "all", + "Comment": "sssd-passkey is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487029" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487030", + "Version": "1", + "Check": "all", + "Comment": "sssd-proxy is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487030" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487031", + "Version": "1", + "Check": "all", + "Comment": "sssd-tools is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487031" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412487032", + "Version": "1", + "Check": "all", + "Comment": "sssd-winbind-idmap is earlier than 0:2.9.4-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412487032" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412487001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12488/definitions.json b/oval/c10f1/ALT-PU-2024-12488/definitions.json new file mode 100644 index 0000000000..ef5762a63d --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12488/definitions.json @@ -0,0 +1,172 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412488", + "Version": "oval:org.altlinux.errata:def:202412488", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12488: package `gpupdate` update to version 0.10.6-alt0.c10.1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12488", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12488", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades gpupdate to version 0.10.6-alt0.c10.1. \nSecurity Fix(es):\n\n * #44621: Неправильно формируется значение для политики DiskCacheSize для Yandex\n\n * #47638: Вместо ярлыка /usr/bin/chromium создается директория /home/SAMBA.TESTDOMAIN/testuser/Рабочий стол/usr/bin с содержимым chromium.desktop\n\n * #47641: Не добавляется комментарий при создании ярлыка\n\n * #47652: Некорректное применение ГП: после перезагрузки клиента изменения не применяются\n\n * #47820: Опечатки в выводе команды gpoa\n\n * #47995: Картинка фона рабочего стола: задаёт фоновую картинку по неверному пути\n\n * #47996: Тема курсора: задаёт курсор по неверному пути\n\n * #47998: Цвета: задаёт курсор по неверному пути\n\n * #48310: Не применяется локальная политика на клиентской машине\n\n * #48828: Обои рабочего стола: не меняет картинку (неверное регулярное выражение для задания параметра)\n\n * #48964: Не создается директория с атрибутом \"Скрытый\" после применения групповой политики\n\n * #48971: Группа политик Управление электропитанием: не работает чекбокс Блокировать (машинные политики)\n\n * #48973: Группа политик Управление электропитанием: дублируются строки в конфигурации (пользовательские политики)\n\n * #49229: Если \"подпись\" к сетевому диску состоит из более чем 1 слова - диск не монтируется\n\n * #50336: Отключение машинной политики настроек KDE не дает эффекта\n\n * #50553: Перестали применяться пользовательские групповые политики\n\n * #50667: Не отрабатывает групповая политика logon-скриптов при первой аутентификации доменного пользователя на клиентском узле введенным в домен Samba DC\n\n * #50755: Не работает выключение механизмов групповых политик\n\n * #50756: Скрипты machine/STARTUP попадают также в папку machine/SHUTDOWN\n\n * #50782: Некорректная работа c json для политики Управляемые закладки в Firefox", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": null, + "Bugzilla": [ + { + "ID": "44621", + "Href": "https://bugzilla.altlinux.org/44621", + "Data": "Неправильно формируется значение для политики DiskCacheSize для Yandex" + }, + { + "ID": "47638", + "Href": "https://bugzilla.altlinux.org/47638", + "Data": "Вместо ярлыка /usr/bin/chromium создается директория /home/SAMBA.TESTDOMAIN/testuser/Рабочий стол/usr/bin с содержимым chromium.desktop" + }, + { + "ID": "47641", + "Href": "https://bugzilla.altlinux.org/47641", + "Data": "Не добавляется комментарий при создании ярлыка" + }, + { + "ID": "47652", + "Href": "https://bugzilla.altlinux.org/47652", + "Data": "Некорректное применение ГП: после перезагрузки клиента изменения не применяются" + }, + { + "ID": "47820", + "Href": "https://bugzilla.altlinux.org/47820", + "Data": "Опечатки в выводе команды gpoa" + }, + { + "ID": "47995", + "Href": "https://bugzilla.altlinux.org/47995", + "Data": "Картинка фона рабочего стола: задаёт фоновую картинку по неверному пути" + }, + { + "ID": "47996", + "Href": "https://bugzilla.altlinux.org/47996", + "Data": "Тема курсора: задаёт курсор по неверному пути" + }, + { + "ID": "47998", + "Href": "https://bugzilla.altlinux.org/47998", + "Data": "Цвета: задаёт курсор по неверному пути" + }, + { + "ID": "48310", + "Href": "https://bugzilla.altlinux.org/48310", + "Data": "Не применяется локальная политика на клиентской машине" + }, + { + "ID": "48828", + "Href": "https://bugzilla.altlinux.org/48828", + "Data": "Обои рабочего стола: не меняет картинку (неверное регулярное выражение для задания параметра)" + }, + { + "ID": "48964", + "Href": "https://bugzilla.altlinux.org/48964", + "Data": "Не создается директория с атрибутом \"Скрытый\" после применения групповой политики" + }, + { + "ID": "48971", + "Href": "https://bugzilla.altlinux.org/48971", + "Data": "Группа политик Управление электропитанием: не работает чекбокс Блокировать (машинные политики)" + }, + { + "ID": "48973", + "Href": "https://bugzilla.altlinux.org/48973", + "Data": "Группа политик Управление электропитанием: дублируются строки в конфигурации (пользовательские политики)" + }, + { + "ID": "49229", + "Href": "https://bugzilla.altlinux.org/49229", + "Data": "Если \"подпись\" к сетевому диску состоит из более чем 1 слова - диск не монтируется" + }, + { + "ID": "50336", + "Href": "https://bugzilla.altlinux.org/50336", + "Data": "Отключение машинной политики настроек KDE не дает эффекта" + }, + { + "ID": "50553", + "Href": "https://bugzilla.altlinux.org/50553", + "Data": "Перестали применяться пользовательские групповые политики" + }, + { + "ID": "50667", + "Href": "https://bugzilla.altlinux.org/50667", + "Data": "Не отрабатывает групповая политика logon-скриптов при первой аутентификации доменного пользователя на клиентском узле введенным в домен Samba DC" + }, + { + "ID": "50755", + "Href": "https://bugzilla.altlinux.org/50755", + "Data": "Не работает выключение механизмов групповых политик" + }, + { + "ID": "50756", + "Href": "https://bugzilla.altlinux.org/50756", + "Data": "Скрипты machine/STARTUP попадают также в папку machine/SHUTDOWN" + }, + { + "ID": "50782", + "Href": "https://bugzilla.altlinux.org/50782", + "Data": "Некорректная работа c json для политики Управляемые закладки в Firefox" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412488001", + "Comment": "gpupdate is earlier than 0:0.10.6-alt0.c10.1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12488/objects.json b/oval/c10f1/ALT-PU-2024-12488/objects.json new file mode 100644 index 0000000000..d60bc37381 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12488/objects.json @@ -0,0 +1,34 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412488001", + "Version": "1", + "Comment": "gpupdate is installed", + "Name": "gpupdate" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12488/states.json b/oval/c10f1/ALT-PU-2024-12488/states.json new file mode 100644 index 0000000000..676b5a4a77 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12488/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412488001", + "Version": "1", + "Comment": "package EVR is earlier than 0:0.10.6-alt0.c10.1", + "Arch": {}, + "EVR": { + "Text": "0:0.10.6-alt0.c10.1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12488/tests.json b/oval/c10f1/ALT-PU-2024-12488/tests.json new file mode 100644 index 0000000000..b9491142b1 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12488/tests.json @@ -0,0 +1,30 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412488001", + "Version": "1", + "Check": "all", + "Comment": "gpupdate is earlier than 0:0.10.6-alt0.c10.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412488001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412488001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12489/definitions.json b/oval/c10f1/ALT-PU-2024-12489/definitions.json new file mode 100644 index 0000000000..367340852f --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12489/definitions.json @@ -0,0 +1,121 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412489", + "Version": "oval:org.altlinux.errata:def:202412489", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12489: package `admc` update to version 0.16.3-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12489", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12489", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades admc to version 0.16.3-alt1. \nSecurity Fix(es):\n\n * #44684: Создание и переименование объекта групповой политики. Возможно ввести пустое имя\n\n * #47082: Переименование группы. Имя группы (до Windows 2000) автоматически не заполняется при вводе имени\n\n * #47122: Кнопки \"Принудительно\" и \"Отключено\" контекстного меню привязанных групповых политик удаляют связь с подразделением\n\n * #47551: Неправильная иконка компьютера при отключении/включении\n\n * #48780: Не срабатывает автоматически обновление статуса компьютера и пользователя в admc при включении и отключении и других действиях\n\n * #48817: Не показывается constucted атрибут\n\n * #49043: При первом запуске admc сообщение: Тема, указанная в настройках, не найдена\n\n * #49385: [admc] Некорректно меняется иконка связи групповой политики, привязанной домену\n\n * #49670: Не обновляется дерево после удаления связи через контекстном меню групповой политики", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": null, + "Bugzilla": [ + { + "ID": "44684", + "Href": "https://bugzilla.altlinux.org/44684", + "Data": "Создание и переименование объекта групповой политики. Возможно ввести пустое имя" + }, + { + "ID": "47082", + "Href": "https://bugzilla.altlinux.org/47082", + "Data": "Переименование группы. Имя группы (до Windows 2000) автоматически не заполняется при вводе имени" + }, + { + "ID": "47122", + "Href": "https://bugzilla.altlinux.org/47122", + "Data": "Кнопки \"Принудительно\" и \"Отключено\" контекстного меню привязанных групповых политик удаляют связь с подразделением" + }, + { + "ID": "47551", + "Href": "https://bugzilla.altlinux.org/47551", + "Data": "Неправильная иконка компьютера при отключении/включении" + }, + { + "ID": "48780", + "Href": "https://bugzilla.altlinux.org/48780", + "Data": "Не срабатывает автоматически обновление статуса компьютера и пользователя в admc при включении и отключении и других действиях" + }, + { + "ID": "48817", + "Href": "https://bugzilla.altlinux.org/48817", + "Data": "Не показывается constucted атрибут" + }, + { + "ID": "49043", + "Href": "https://bugzilla.altlinux.org/49043", + "Data": "При первом запуске admc сообщение: Тема, указанная в настройках, не найдена" + }, + { + "ID": "49385", + "Href": "https://bugzilla.altlinux.org/49385", + "Data": "[admc] Некорректно меняется иконка связи групповой политики, привязанной домену" + }, + { + "ID": "49670", + "Href": "https://bugzilla.altlinux.org/49670", + "Data": "Не обновляется дерево после удаления связи через контекстном меню групповой политики" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412489001", + "Comment": "admc is earlier than 0:0.16.3-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412489002", + "Comment": "admc-test is earlier than 0:0.16.3-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12489/objects.json b/oval/c10f1/ALT-PU-2024-12489/objects.json new file mode 100644 index 0000000000..a95d9dacba --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12489/objects.json @@ -0,0 +1,40 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412489001", + "Version": "1", + "Comment": "admc is installed", + "Name": "admc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412489002", + "Version": "1", + "Comment": "admc-test is installed", + "Name": "admc-test" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12489/states.json b/oval/c10f1/ALT-PU-2024-12489/states.json new file mode 100644 index 0000000000..8db7b21fdb --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12489/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412489001", + "Version": "1", + "Comment": "package EVR is earlier than 0:0.16.3-alt1", + "Arch": {}, + "EVR": { + "Text": "0:0.16.3-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12489/tests.json b/oval/c10f1/ALT-PU-2024-12489/tests.json new file mode 100644 index 0000000000..a2c576e081 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12489/tests.json @@ -0,0 +1,42 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412489001", + "Version": "1", + "Check": "all", + "Comment": "admc is earlier than 0:0.16.3-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412489001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412489001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412489002", + "Version": "1", + "Check": "all", + "Comment": "admc-test is earlier than 0:0.16.3-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412489002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412489001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12802/definitions.json b/oval/c10f1/ALT-PU-2024-12802/definitions.json new file mode 100644 index 0000000000..2ea3e1c25a --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12802/definitions.json @@ -0,0 +1,199 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412802", + "Version": "oval:org.altlinux.errata:def:202412802", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12802: package `ffmpeg` update to version 4.4.5-alt2", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12802", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12802", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2024-00245", + "RefURL": "https://bdu.fstec.ru/vul/2024-00245", + "Source": "BDU" + }, + { + "RefID": "CVE-2023-47342", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-47342", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-7055", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-7055", + "Source": "CVE" + } + ], + "Description": "This update upgrades ffmpeg to version 4.4.5-alt2. \nSecurity Fix(es):\n\n * BDU:2024-00245: Уязвимость мультимедийной библиотеки FFmpeg, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привелегии\n\n * CVE-2023-47342: description unavailable\n\n * CVE-2024-7055: A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": [ + { + "ID": "BDU:2024-00245", + "CVSS": "AV:A/AC:L/Au:S/C:P/I:P/A:P", + "CVSS3": "AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "CWE": "CWE-269", + "Href": "https://bdu.fstec.ru/vul/2024-00245", + "Impact": "Low", + "Public": "20231106" + } + ], + "CVEs": [ + { + "ID": "CVE-2024-7055", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-7055", + "Impact": "None", + "Public": "20240806" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412802001", + "Comment": "ffmpeg is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802002", + "Comment": "ffmpeg-doc is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802003", + "Comment": "ffplay is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802004", + "Comment": "ffplay-doc is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802005", + "Comment": "ffprobe is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802006", + "Comment": "ffprobe-doc is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802007", + "Comment": "ffserver-doc is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802008", + "Comment": "libavcodec-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802009", + "Comment": "libavcodec58 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802010", + "Comment": "libavdevice-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802011", + "Comment": "libavdevice58 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802012", + "Comment": "libavfilter-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802013", + "Comment": "libavfilter7 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802014", + "Comment": "libavformat-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802015", + "Comment": "libavformat58 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802016", + "Comment": "libavresample-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802017", + "Comment": "libavresample4 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802018", + "Comment": "libavutil-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802019", + "Comment": "libavutil56 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802020", + "Comment": "libpostproc-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802021", + "Comment": "libpostproc55 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802022", + "Comment": "libswresample-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802023", + "Comment": "libswresample3 is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802024", + "Comment": "libswscale-devel is earlier than 2:4.4.5-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412802025", + "Comment": "libswscale5 is earlier than 2:4.4.5-alt2" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12802/objects.json b/oval/c10f1/ALT-PU-2024-12802/objects.json new file mode 100644 index 0000000000..498525de35 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12802/objects.json @@ -0,0 +1,178 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412802001", + "Version": "1", + "Comment": "ffmpeg is installed", + "Name": "ffmpeg" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802002", + "Version": "1", + "Comment": "ffmpeg-doc is installed", + "Name": "ffmpeg-doc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802003", + "Version": "1", + "Comment": "ffplay is installed", + "Name": "ffplay" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802004", + "Version": "1", + "Comment": "ffplay-doc is installed", + "Name": "ffplay-doc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802005", + "Version": "1", + "Comment": "ffprobe is installed", + "Name": "ffprobe" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802006", + "Version": "1", + "Comment": "ffprobe-doc is installed", + "Name": "ffprobe-doc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802007", + "Version": "1", + "Comment": "ffserver-doc is installed", + "Name": "ffserver-doc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802008", + "Version": "1", + "Comment": "libavcodec-devel is installed", + "Name": "libavcodec-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802009", + "Version": "1", + "Comment": "libavcodec58 is installed", + "Name": "libavcodec58" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802010", + "Version": "1", + "Comment": "libavdevice-devel is installed", + "Name": "libavdevice-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802011", + "Version": "1", + "Comment": "libavdevice58 is installed", + "Name": "libavdevice58" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802012", + "Version": "1", + "Comment": "libavfilter-devel is installed", + "Name": "libavfilter-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802013", + "Version": "1", + "Comment": "libavfilter7 is installed", + "Name": "libavfilter7" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802014", + "Version": "1", + "Comment": "libavformat-devel is installed", + "Name": "libavformat-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802015", + "Version": "1", + "Comment": "libavformat58 is installed", + "Name": "libavformat58" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802016", + "Version": "1", + "Comment": "libavresample-devel is installed", + "Name": "libavresample-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802017", + "Version": "1", + "Comment": "libavresample4 is installed", + "Name": "libavresample4" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802018", + "Version": "1", + "Comment": "libavutil-devel is installed", + "Name": "libavutil-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802019", + "Version": "1", + "Comment": "libavutil56 is installed", + "Name": "libavutil56" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802020", + "Version": "1", + "Comment": "libpostproc-devel is installed", + "Name": "libpostproc-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802021", + "Version": "1", + "Comment": "libpostproc55 is installed", + "Name": "libpostproc55" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802022", + "Version": "1", + "Comment": "libswresample-devel is installed", + "Name": "libswresample-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802023", + "Version": "1", + "Comment": "libswresample3 is installed", + "Name": "libswresample3" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802024", + "Version": "1", + "Comment": "libswscale-devel is installed", + "Name": "libswscale-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412802025", + "Version": "1", + "Comment": "libswscale5 is installed", + "Name": "libswscale5" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12802/states.json b/oval/c10f1/ALT-PU-2024-12802/states.json new file mode 100644 index 0000000000..6776639280 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12802/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412802001", + "Version": "1", + "Comment": "package EVR is earlier than 2:4.4.5-alt2", + "Arch": {}, + "EVR": { + "Text": "2:4.4.5-alt2", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12802/tests.json b/oval/c10f1/ALT-PU-2024-12802/tests.json new file mode 100644 index 0000000000..43878ed251 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12802/tests.json @@ -0,0 +1,318 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412802001", + "Version": "1", + "Check": "all", + "Comment": "ffmpeg is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802002", + "Version": "1", + "Check": "all", + "Comment": "ffmpeg-doc is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802003", + "Version": "1", + "Check": "all", + "Comment": "ffplay is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802004", + "Version": "1", + "Check": "all", + "Comment": "ffplay-doc is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802005", + "Version": "1", + "Check": "all", + "Comment": "ffprobe is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802005" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802006", + "Version": "1", + "Check": "all", + "Comment": "ffprobe-doc is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802006" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802007", + "Version": "1", + "Check": "all", + "Comment": "ffserver-doc is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802007" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802008", + "Version": "1", + "Check": "all", + "Comment": "libavcodec-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802008" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802009", + "Version": "1", + "Check": "all", + "Comment": "libavcodec58 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802009" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802010", + "Version": "1", + "Check": "all", + "Comment": "libavdevice-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802010" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802011", + "Version": "1", + "Check": "all", + "Comment": "libavdevice58 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802011" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802012", + "Version": "1", + "Check": "all", + "Comment": "libavfilter-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802012" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802013", + "Version": "1", + "Check": "all", + "Comment": "libavfilter7 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802013" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802014", + "Version": "1", + "Check": "all", + "Comment": "libavformat-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802014" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802015", + "Version": "1", + "Check": "all", + "Comment": "libavformat58 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802015" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802016", + "Version": "1", + "Check": "all", + "Comment": "libavresample-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802016" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802017", + "Version": "1", + "Check": "all", + "Comment": "libavresample4 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802017" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802018", + "Version": "1", + "Check": "all", + "Comment": "libavutil-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802018" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802019", + "Version": "1", + "Check": "all", + "Comment": "libavutil56 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802019" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802020", + "Version": "1", + "Check": "all", + "Comment": "libpostproc-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802020" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802021", + "Version": "1", + "Check": "all", + "Comment": "libpostproc55 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802021" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802022", + "Version": "1", + "Check": "all", + "Comment": "libswresample-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802022" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802023", + "Version": "1", + "Check": "all", + "Comment": "libswresample3 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802023" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802024", + "Version": "1", + "Check": "all", + "Comment": "libswscale-devel is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802024" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412802025", + "Version": "1", + "Check": "all", + "Comment": "libswscale5 is earlier than 2:4.4.5-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412802025" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412802001" + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12935/definitions.json b/oval/c10f1/ALT-PU-2024-12935/definitions.json new file mode 100644 index 0000000000..4af4d6ad48 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12935/definitions.json @@ -0,0 +1,89 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412935", + "Version": "oval:org.altlinux.errata:def:202412935", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12935: package `xrdp` update to version 0.10.1-alt0.p10.1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12935", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12935", + "Source": "ALTPU" + }, + { + "RefID": "CVE-2024-39917", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-39917", + "Source": "CVE" + } + ], + "Description": "This update upgrades xrdp to version 0.10.1-alt0.p10.1. \nSecurity Fix(es):\n\n * CVE-2024-39917: xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter `MaxLoginRetry` in `/etc/xrdp/sesman.ini`. However, this mechanism was not effectively working. As a result, xrdp allows an infinite number of login attempts. ", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Critical", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": null, + "CVEs": [ + { + "ID": "CVE-2024-39917", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "CWE": "CWE-307", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-39917", + "Impact": "Critical", + "Public": "20240712" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:4001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412935001", + "Comment": "xorg-drv-xrdp is earlier than 0:0.10.1-alt0.p10.1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412935002", + "Comment": "xrdp is earlier than 0:0.10.1-alt0.p10.1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12935/objects.json b/oval/c10f1/ALT-PU-2024-12935/objects.json new file mode 100644 index 0000000000..2c4bfae576 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12935/objects.json @@ -0,0 +1,40 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:4001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412935001", + "Version": "1", + "Comment": "xorg-drv-xrdp is installed", + "Name": "xorg-drv-xrdp" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412935002", + "Version": "1", + "Comment": "xrdp is installed", + "Name": "xrdp" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12935/states.json b/oval/c10f1/ALT-PU-2024-12935/states.json new file mode 100644 index 0000000000..d6f6aecd1c --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12935/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:4001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412935001", + "Version": "1", + "Comment": "package EVR is earlier than 0:0.10.1-alt0.p10.1", + "Arch": {}, + "EVR": { + "Text": "0:0.10.1-alt0.p10.1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-12935/tests.json b/oval/c10f1/ALT-PU-2024-12935/tests.json new file mode 100644 index 0000000000..0ffb4f1e75 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-12935/tests.json @@ -0,0 +1,42 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:4001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:4001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:4001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412935001", + "Version": "1", + "Check": "all", + "Comment": "xorg-drv-xrdp is earlier than 0:0.10.1-alt0.p10.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412935001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412935001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412935002", + "Version": "1", + "Check": "all", + "Comment": "xrdp is earlier than 0:0.10.1-alt0.p10.1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412935002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412935001" + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12348/definitions.json b/oval/p10/ALT-PU-2024-12348/definitions.json new file mode 100644 index 0000000000..3077a67bee --- /dev/null +++ b/oval/p10/ALT-PU-2024-12348/definitions.json @@ -0,0 +1,101 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412348", + "Version": "oval:org.altlinux.errata:def:202412348", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12348: package `theme-mate-windows` update to version 2.7-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p10" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12348", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12348", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades theme-mate-windows to version 2.7-alt1. \nSecurity Fix(es):\n\n * #43513: Баг темы Black Mate", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": null, + "Bugzilla": [ + { + "ID": "43513", + "Href": "https://bugzilla.altlinux.org/43513", + "Data": "Баг темы Black Mate" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:kworkstation:10", + "cpe:/o:alt:workstation:10", + "cpe:/o:alt:server:10", + "cpe:/o:alt:server-v:10", + "cpe:/o:alt:education:10", + "cpe:/o:alt:slinux:10", + "cpe:/o:alt:starterkit:p10", + "cpe:/o:alt:kworkstation:10.1", + "cpe:/o:alt:workstation:10.1", + "cpe:/o:alt:server:10.1", + "cpe:/o:alt:server-v:10.1", + "cpe:/o:alt:education:10.1", + "cpe:/o:alt:slinux:10.1", + "cpe:/o:alt:starterkit:10.1", + "cpe:/o:alt:kworkstation:10.2", + "cpe:/o:alt:workstation:10.2", + "cpe:/o:alt:server:10.2", + "cpe:/o:alt:server-v:10.2", + "cpe:/o:alt:education:10.2", + "cpe:/o:alt:slinux:10.2", + "cpe:/o:alt:starterkit:10.2" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:2001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412348001", + "Comment": "theme-mate-windows is earlier than 0:2.7-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12348/objects.json b/oval/p10/ALT-PU-2024-12348/objects.json new file mode 100644 index 0000000000..fcbd2f0fa1 --- /dev/null +++ b/oval/p10/ALT-PU-2024-12348/objects.json @@ -0,0 +1,34 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:2001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412348001", + "Version": "1", + "Comment": "theme-mate-windows is installed", + "Name": "theme-mate-windows" + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12348/states.json b/oval/p10/ALT-PU-2024-12348/states.json new file mode 100644 index 0000000000..e9264e5c2d --- /dev/null +++ b/oval/p10/ALT-PU-2024-12348/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:2001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412348001", + "Version": "1", + "Comment": "package EVR is earlier than 0:2.7-alt1", + "Arch": {}, + "EVR": { + "Text": "0:2.7-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12348/tests.json b/oval/p10/ALT-PU-2024-12348/tests.json new file mode 100644 index 0000000000..3f47b4a809 --- /dev/null +++ b/oval/p10/ALT-PU-2024-12348/tests.json @@ -0,0 +1,30 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:2001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'p10' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:2001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:2001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412348001", + "Version": "1", + "Check": "all", + "Comment": "theme-mate-windows is earlier than 0:2.7-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412348001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412348001" + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12626/definitions.json b/oval/p10/ALT-PU-2024-12626/definitions.json new file mode 100644 index 0000000000..3a1869edd3 --- /dev/null +++ b/oval/p10/ALT-PU-2024-12626/definitions.json @@ -0,0 +1,126 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202412626", + "Version": "oval:org.altlinux.errata:def:202412626", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-12626: package `gst-plugins-bad1.0` update to version 1.20.7-alt2", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p10" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-12626", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-12626", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2023-08257", + "RefURL": "https://bdu.fstec.ru/vul/2023-08257", + "Source": "BDU" + }, + { + "RefID": "CVE-2023-44446", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446", + "Source": "CVE" + } + ], + "Description": "This update upgrades gst-plugins-bad1.0 to version 1.20.7-alt2. \nSecurity Fix(es):\n\n * BDU:2023-08257: Уязвимость парсера MXF-файлов мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-44446: GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299.", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "High", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-09-23" + }, + "Updated": { + "Date": "2024-09-23" + }, + "BDUs": [ + { + "ID": "BDU:2023-08257", + "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", + "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "CWE": "CWE-119, CWE-416", + "Href": "https://bdu.fstec.ru/vul/2023-08257", + "Impact": "High", + "Public": "20231019" + } + ], + "CVEs": [ + { + "ID": "CVE-2023-44446", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446", + "Impact": "None", + "Public": "20240503" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:kworkstation:10", + "cpe:/o:alt:workstation:10", + "cpe:/o:alt:server:10", + "cpe:/o:alt:server-v:10", + "cpe:/o:alt:education:10", + "cpe:/o:alt:slinux:10", + "cpe:/o:alt:starterkit:p10", + "cpe:/o:alt:kworkstation:10.1", + "cpe:/o:alt:workstation:10.1", + "cpe:/o:alt:server:10.1", + "cpe:/o:alt:server-v:10.1", + "cpe:/o:alt:education:10.1", + "cpe:/o:alt:slinux:10.1", + "cpe:/o:alt:starterkit:10.1", + "cpe:/o:alt:kworkstation:10.2", + "cpe:/o:alt:workstation:10.2", + "cpe:/o:alt:server:10.2", + "cpe:/o:alt:server-v:10.2", + "cpe:/o:alt:education:10.2", + "cpe:/o:alt:slinux:10.2", + "cpe:/o:alt:starterkit:10.2" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:2001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202412626001", + "Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt2" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202412626002", + "Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt2" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12626/objects.json b/oval/p10/ALT-PU-2024-12626/objects.json new file mode 100644 index 0000000000..980b978c5d --- /dev/null +++ b/oval/p10/ALT-PU-2024-12626/objects.json @@ -0,0 +1,40 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:2001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202412626001", + "Version": "1", + "Comment": "gst-plugins-bad1.0 is installed", + "Name": "gst-plugins-bad1.0" + }, + { + "ID": "oval:org.altlinux.errata:obj:202412626002", + "Version": "1", + "Comment": "gst-plugins-bad1.0-devel is installed", + "Name": "gst-plugins-bad1.0-devel" + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12626/states.json b/oval/p10/ALT-PU-2024-12626/states.json new file mode 100644 index 0000000000..a477f914c3 --- /dev/null +++ b/oval/p10/ALT-PU-2024-12626/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:2001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202412626001", + "Version": "1", + "Comment": "package EVR is earlier than 0:1.20.7-alt2", + "Arch": {}, + "EVR": { + "Text": "0:1.20.7-alt2", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-12626/tests.json b/oval/p10/ALT-PU-2024-12626/tests.json new file mode 100644 index 0000000000..ccce6f053f --- /dev/null +++ b/oval/p10/ALT-PU-2024-12626/tests.json @@ -0,0 +1,42 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:2001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'p10' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:2001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:2001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202412626001", + "Version": "1", + "Check": "all", + "Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412626001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412626001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202412626002", + "Version": "1", + "Check": "all", + "Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt2", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202412626002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202412626001" + } + } + ] +} \ No newline at end of file