ALT Vulnerability

oval/c10f1/ALT-PU-2024-3980/definitions.json

@@ -0,0 +1,162 @@
+{
+  "Definition": [
+    {
+      "ID": "oval:org.altlinux.errata:def:20243980",
+      "Version": "oval:org.altlinux.errata:def:20243980",
+      "Class": "patch",
+      "Metadata": {
+        "Title": "ALT-PU-2024-3980: package `connman` update to version 1.42-alt1",
+        "AffectedList": [
+          {
+            "Family": "unix",
+            "Platforms": [
+              "ALT Linux branch c10f1"
+            ],
+            "Products": [
+              "ALT SP Workstation",
+              "ALT SP Server"
+            ]
+          }
+        ],
+        "References": [
+          {
+            "RefID": "ALT-PU-2024-3980",
+            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-3980",
+            "Source": "ALTPU"
+          },
+          {
+            "RefID": "BDU:2022-07359",
+            "RefURL": "https://bdu.fstec.ru/vul/2022-07359",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "BDU:2022-07360",
+            "RefURL": "https://bdu.fstec.ru/vul/2022-07360",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "BDU:2023-03868",
+            "RefURL": "https://bdu.fstec.ru/vul/2023-03868",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "CVE-2022-32292",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-32292",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2022-32293",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-32293",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2023-28488",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-28488",
+            "Source": "CVE"
+          }
+        ],
+        "Description": "This update upgrades connman to version 1.42-alt1. \nSecurity Fix(es):\n\n * BDU:2022-07359: Уязвимость реализации поддержки WISPR диспетчера соединений Connman, связанная с использованием памяти после ее освобождения, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код\n\n * BDU:2022-07360: Уязвимость компонента gweb диспетчера соединений Connman, связанная с записью за границами выделенного диапазона памяти,  позволяющая нарушителю выполнить произвольный код\n\n * BDU:2023-03868: Уязвимость компонента client.c диспетчера соединений ConnMan, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2022-32292: In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.\n\n * CVE-2022-32293: In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.\n\n * CVE-2023-28488: client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.",
+        "Advisory": {
+          "From": "errata.altlinux.org",
+          "Severity": "Critical",
+          "Rights": "Copyright 2024 BaseALT Ltd.",
+          "Issued": {
+            "Date": "2024-03-18"
+          },
+          "Updated": {
+            "Date": "2024-03-18"
+          },
+          "bdu": [
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+              "Cvss3": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-416",
+              "Href": "https://bdu.fstec.ru/vul/2022-07359",
+              "Impact": "High",
+              "Public": "20220803",
+              "CveID": "BDU:2022-07359"
+            },
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+              "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-787",
+              "Href": "https://bdu.fstec.ru/vul/2022-07360",
+              "Impact": "Critical",
+              "Public": "20220803",
+              "CveID": "BDU:2022-07360"
+            },
+            {
+              "Cvss": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
+              "Cvss3": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "CWE-787",
+              "Href": "https://bdu.fstec.ru/vul/2023-03868",
+              "Impact": "Low",
+              "Public": "20230411",
+              "CveID": "BDU:2023-03868"
+            }
+          ],
+          "Cves": [
+            {
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-787",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-32292",
+              "Impact": "Critical",
+              "Public": "20220803",
+              "CveID": "CVE-2022-32292"
+            },
+            {
+              "Cvss3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-416",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-32293",
+              "Impact": "High",
+              "Public": "20220803",
+              "CveID": "CVE-2022-32293"
+            },
+            {
+              "Cvss3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "CWE-787",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-28488",
+              "Impact": "Low",
+              "Public": "20230412",
+              "CveID": "CVE-2023-28488"
+            }
+          ],
+          "AffectedCpeList": {
+            "Cpe": [
+              "cpe:/o:alt:spworkstation:10",
+              "cpe:/o:alt:spserver:10"
+            ]
+          }
+        }
+      },
+      "Criteria": {
+        "Operator": "AND",
+        "Criterions": [
+          {
+            "TestRef": "oval:org.altlinux.errata:tst:4001",
+            "Comment": "ALT Linux must be installed"
+          }
+        ],
+        "Criterias": [
+          {
+            "Operator": "OR",
+            "Criterions": [
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20243980001",
+                "Comment": "connman is earlier than 0:1.42-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20243980002",
+                "Comment": "connman-devel is earlier than 0:1.42-alt1"
+              },
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20243980003",
+                "Comment": "connman-docs is earlier than 0:1.42-alt1"
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3980/objects.json

@@ -0,0 +1,46 @@
+{
+  "TextFileContent54Objects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:4001",
+      "Version": "1",
+      "comment": "Evaluate `/etc/os-release` file content",
+      "Path": {
+        "dataType": "string",
+        "Text": "/etc"
+      },
+      "Filepath": {
+        "Datatype": "string",
+        "Text": "os-release"
+      },
+      "Pattern": {
+        "Datatype": "string",
+        "Operation": "pattern match",
+        "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
+      },
+      "Instance": {
+        "Datatype": "int",
+        "Text": "1"
+      }
+    }
+  ],
+  "RpmInfoObjects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:20243980001",
+      "Version": "1",
+      "comment": "connman is installed",
+      "Name": "connman"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20243980002",
+      "Version": "1",
+      "comment": "connman-devel is installed",
+      "Name": "connman-devel"
+    },
+    {
+      "ID": "oval:org.altlinux.errata:obj:20243980003",
+      "Version": "1",
+      "comment": "connman-docs is installed",
+      "Name": "connman-docs"
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3980/states.json

@@ -0,0 +1,23 @@
+{
+  "TextFileContent54State": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:4001",
+      "Version": "1",
+      "Text": {}
+    }
+  ],
+  "RpmInfoState": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:20243980001",
+      "Version": "1",
+      "Comment": "package EVR is earlier than 0:1.42-alt1",
+      "Arch": {},
+      "Evr": {
+        "Text": "0:1.42-alt1",
+        "Datatype": "evr_string",
+        "Operation": "less than"
+      },
+      "Subexpression": {}
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3980/tests.json

@@ -0,0 +1,54 @@
+{
+  "TextFileContent54Tests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:4001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "ALT Linux based on branch 'c10f1' must be installed",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:4001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:4001"
+      }
+    }
+  ],
+  "RPMInfoTests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:20243980001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "connman is earlier than 0:1.42-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20243980001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20243980001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20243980002",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "connman-devel is earlier than 0:1.42-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20243980002"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20243980001"
+      }
+    },
+    {
+      "ID": "oval:org.altlinux.errata:tst:20243980003",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "connman-docs is earlier than 0:1.42-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20243980003"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20243980001"
+      }
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3982/definitions.json

@@ -0,0 +1,157 @@
+{
+  "Definition": [
+    {
+      "ID": "oval:org.altlinux.errata:def:20243982",
+      "Version": "oval:org.altlinux.errata:def:20243982",
+      "Class": "patch",
+      "Metadata": {
+        "Title": "ALT-PU-2024-3982: package `suricata` update to version 6.0.10-alt1",
+        "AffectedList": [
+          {
+            "Family": "unix",
+            "Platforms": [
+              "ALT Linux branch c10f1"
+            ],
+            "Products": [
+              "ALT SP Workstation",
+              "ALT SP Server"
+            ]
+          }
+        ],
+        "References": [
+          {
+            "RefID": "ALT-PU-2024-3982",
+            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-3982",
+            "Source": "ALTPU"
+          },
+          {
+            "RefID": "BDU:2022-01686",
+            "RefURL": "https://bdu.fstec.ru/vul/2022-01686",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "BDU:2023-06804",
+            "RefURL": "https://bdu.fstec.ru/vul/2023-06804",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "BDU:2023-06805",
+            "RefURL": "https://bdu.fstec.ru/vul/2023-06805",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "CVE-2021-35063",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-35063",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2021-37592",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37592",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2021-45098",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-45098",
+            "Source": "CVE"
+          }
+        ],
+        "Description": "This update upgrades suricata to version 6.0.10-alt1. \nSecurity Fix(es):\n\n * BDU:2022-01686: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с недостатками разграничения доступа, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-06804: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с недостаточной проверкой хэш-функции, позволяющая нарушителю реализовать атаку TCP Reset\n\n * BDU:2023-06805: Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю обойти ограничения безопасности и реализовать атаку TCP Reset\n\n * CVE-2021-35063: Suricata before 5.0.7 and 6.x before 6.0.3 has a \"critical evasion.\"\n\n * CVE-2021-37592: Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.\n\n * CVE-2021-45098: An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option. Then, the client can send an HTTP GET request with a forbidden URL. The server will ignore the RST ACK and send the response HTTP packet for the client's request. These packets will not trigger a Suricata reject action.",
+        "Advisory": {
+          "From": "errata.altlinux.org",
+          "Severity": "Critical",
+          "Rights": "Copyright 2024 BaseALT Ltd.",
+          "Issued": {
+            "Date": "2024-03-18"
+          },
+          "Updated": {
+            "Date": "2024-03-18"
+          },
+          "bdu": [
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
+              "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "CWE-264",
+              "Href": "https://bdu.fstec.ru/vul/2022-01686",
+              "Impact": "High",
+              "Public": "20210630",
+              "CveID": "BDU:2022-01686"
+            },
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
+              "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+              "Cwe": "CWE-284, CWE-327",
+              "Href": "https://bdu.fstec.ru/vul/2023-06804",
+              "Impact": "High",
+              "Public": "20210926",
+              "CveID": "BDU:2023-06804"
+            },
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+              "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-121, CWE-787",
+              "Href": "https://bdu.fstec.ru/vul/2023-06805",
+              "Impact": "Critical",
+              "Public": "20210727",
+              "CveID": "BDU:2023-06805"
+            }
+          ],
+          "Cves": [
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "NVD-CWE-noinfo",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-35063",
+              "Impact": "High",
+              "Public": "20210722",
+              "CveID": "CVE-2021-35063"
+            },
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+              "Cwe": "CWE-787",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37592",
+              "Impact": "Critical",
+              "Public": "20211119",
+              "CveID": "CVE-2021-37592"
+            },
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+              "Cwe": "NVD-CWE-noinfo",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-45098",
+              "Impact": "High",
+              "Public": "20211216",
+              "CveID": "CVE-2021-45098"
+            }
+          ],
+          "AffectedCpeList": {
+            "Cpe": [
+              "cpe:/o:alt:spworkstation:10",
+              "cpe:/o:alt:spserver:10"
+            ]
+          }
+        }
+      },
+      "Criteria": {
+        "Operator": "AND",
+        "Criterions": [
+          {
+            "TestRef": "oval:org.altlinux.errata:tst:4001",
+            "Comment": "ALT Linux must be installed"
+          }
+        ],
+        "Criterias": [
+          {
+            "Operator": "OR",
+            "Criterions": [
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20243982001",
+                "Comment": "suricata is earlier than 0:6.0.10-alt1"
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3982/objects.json

@@ -0,0 +1,34 @@
+{
+  "TextFileContent54Objects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:4001",
+      "Version": "1",
+      "comment": "Evaluate `/etc/os-release` file content",
+      "Path": {
+        "dataType": "string",
+        "Text": "/etc"
+      },
+      "Filepath": {
+        "Datatype": "string",
+        "Text": "os-release"
+      },
+      "Pattern": {
+        "Datatype": "string",
+        "Operation": "pattern match",
+        "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
+      },
+      "Instance": {
+        "Datatype": "int",
+        "Text": "1"
+      }
+    }
+  ],
+  "RpmInfoObjects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:20243982001",
+      "Version": "1",
+      "comment": "suricata is installed",
+      "Name": "suricata"
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3982/states.json

@@ -0,0 +1,23 @@
+{
+  "TextFileContent54State": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:4001",
+      "Version": "1",
+      "Text": {}
+    }
+  ],
+  "RpmInfoState": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:20243982001",
+      "Version": "1",
+      "Comment": "package EVR is earlier than 0:6.0.10-alt1",
+      "Arch": {},
+      "Evr": {
+        "Text": "0:6.0.10-alt1",
+        "Datatype": "evr_string",
+        "Operation": "less than"
+      },
+      "Subexpression": {}
+    }
+  ]
+}

oval/c10f1/ALT-PU-2024-3982/tests.json

@@ -0,0 +1,30 @@
+{
+  "TextFileContent54Tests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:4001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "ALT Linux based on branch 'c10f1' must be installed",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:4001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:4001"
+      }
+    }
+  ],
+  "RPMInfoTests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:20243982001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "suricata is earlier than 0:6.0.10-alt1",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20243982001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20243982001"
+      }
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-3683/definitions.json

@@ -0,0 +1,122 @@
+{
+  "Definition": [
+    {
+      "ID": "oval:org.altlinux.errata:def:20243683",
+      "Version": "oval:org.altlinux.errata:def:20243683",
+      "Class": "patch",
+      "Metadata": {
+        "Title": "ALT-PU-2024-3683: package `vault` update to version 1.13.12-alt2",
+        "AffectedList": [
+          {
+            "Family": "unix",
+            "Platforms": [
+              "ALT Linux branch c10f2"
+            ]
+          }
+        ],
+        "References": [
+          {
+            "RefID": "ALT-PU-2024-3683",
+            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-3683",
+            "Source": "ALTPU"
+          },
+          {
+            "RefID": "BDU:2023-08660",
+            "RefURL": "https://bdu.fstec.ru/vul/2023-08660",
+            "Source": "BDU"
+          },
+          {
+            "RefID": "CVE-2023-3775",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3775",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2023-4680",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-4680",
+            "Source": "CVE"
+          },
+          {
+            "RefID": "CVE-2023-6337",
+            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-6337",
+            "Source": "CVE"
+          }
+        ],
+        "Description": "This update upgrades vault to version 1.13.12-alt2. \nSecurity Fix(es):\n\n * BDU:2023-08660: Уязвимость компонента max_request_duration платформ для архивирования корпоративной информации HashiCorp Vault и Vault Enterprise, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-3775: A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.\n\n * CVE-2023-4680: HashiCorp Vault and Vault Enterprise transit secrets engine allowed authorized users to specify arbitrary nonces, even with convergent encryption disabled. The encrypt endpoint, in combination with an offline attack, could be used to decrypt arbitrary ciphertext and potentially derive the authentication subkey when using transit secrets engine without convergent encryption. Introduced in 1.6.0 and fixed in 1.14.3, 1.13.7, and 1.12.11.\n\n * CVE-2023-6337: HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\n\nFixed in Vault 1.15.4, 1.14.8, 1.13.12.\n\n",
+        "Advisory": {
+          "From": "errata.altlinux.org",
+          "Severity": "High",
+          "Rights": "Copyright 2024 BaseALT Ltd.",
+          "Issued": {
+            "Date": "2024-03-18"
+          },
+          "Updated": {
+            "Date": "2024-03-18"
+          },
+          "bdu": [
+            {
+              "Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
+              "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "CWE-770",
+              "Href": "https://bdu.fstec.ru/vul/2023-08660",
+              "Impact": "High",
+              "Public": "20231127",
+              "CveID": "BDU:2023-08660"
+            }
+          ],
+          "Cves": [
+            {
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "NVD-CWE-noinfo",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3775",
+              "Impact": "Low",
+              "Public": "20230929",
+              "CveID": "CVE-2023-3775"
+            },
+            {
+              "Cvss3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
+              "Cwe": "CWE-20",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-4680",
+              "Impact": "Low",
+              "Public": "20230915",
+              "CveID": "CVE-2023-4680"
+            },
+            {
+              "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+              "Cwe": "CWE-770",
+              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-6337",
+              "Impact": "High",
+              "Public": "20231208",
+              "CveID": "CVE-2023-6337"
+            }
+          ],
+          "AffectedCpeList": {
+            "Cpe": [
+              "cpe:/o:alt:spworkstation:10",
+              "cpe:/o:alt:spserver:10"
+            ]
+          }
+        }
+      },
+      "Criteria": {
+        "Operator": "AND",
+        "Criterions": [
+          {
+            "TestRef": "oval:org.altlinux.errata:tst:5001",
+            "Comment": "ALT Linux must be installed"
+          }
+        ],
+        "Criterias": [
+          {
+            "Operator": "OR",
+            "Criterions": [
+              {
+                "TestRef": "oval:org.altlinux.errata:tst:20243683001",
+                "Comment": "vault is earlier than 0:1.13.12-alt2"
+              }
+            ]
+          }
+        ]
+      }
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-3683/objects.json

@@ -0,0 +1,34 @@
+{
+  "TextFileContent54Objects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:5001",
+      "Version": "1",
+      "comment": "Evaluate `/etc/os-release` file content",
+      "Path": {
+        "dataType": "string",
+        "Text": "/etc"
+      },
+      "Filepath": {
+        "Datatype": "string",
+        "Text": "os-release"
+      },
+      "Pattern": {
+        "Datatype": "string",
+        "Operation": "pattern match",
+        "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
+      },
+      "Instance": {
+        "Datatype": "int",
+        "Text": "1"
+      }
+    }
+  ],
+  "RpmInfoObjects": [
+    {
+      "ID": "oval:org.altlinux.errata:obj:20243683001",
+      "Version": "1",
+      "comment": "vault is installed",
+      "Name": "vault"
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-3683/states.json

@@ -0,0 +1,23 @@
+{
+  "TextFileContent54State": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:5001",
+      "Version": "1",
+      "Text": {}
+    }
+  ],
+  "RpmInfoState": [
+    {
+      "ID": "oval:org.altlinux.errata:ste:20243683001",
+      "Version": "1",
+      "Comment": "package EVR is earlier than 0:1.13.12-alt2",
+      "Arch": {},
+      "Evr": {
+        "Text": "0:1.13.12-alt2",
+        "Datatype": "evr_string",
+        "Operation": "less than"
+      },
+      "Subexpression": {}
+    }
+  ]
+}

oval/c10f2/ALT-PU-2024-3683/tests.json

@@ -0,0 +1,30 @@
+{
+  "TextFileContent54Tests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:5001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "ALT Linux based on branch 'c10f2' must be installed",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:5001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:5001"
+      }
+    }
+  ],
+  "RPMInfoTests": [
+    {
+      "ID": "oval:org.altlinux.errata:tst:20243683001",
+      "Version": "1",
+      "Check": "all",
+      "Comment": "vault is earlier than 0:1.13.12-alt2",
+      "Object": {
+        "ObjectRef": "oval:org.altlinux.errata:obj:20243683001"
+      },
+      "State": {
+        "StateRef": "oval:org.altlinux.errata:ste:20243683001"
+      }
+    }
+  ]
+}