pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-12-20 15:05:16 +00:00
parent ee0bf0faf1
commit 9306fa8d3f
10 changed files with 407 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
oval/c10f1/ALT-PU-2024-17376/definitions.json Normal file
View File

@ -0,0 +1,124 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202417376",
"Version": "oval:org.altlinux.errata:def:202417376",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-17376: package `python3-module-certifi` update to version 2024.8.30-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-17376",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-17376",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-05463",
"RefURL": "https://bdu.fstec.ru/vul/2023-05463",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07771",
"RefURL": "https://bdu.fstec.ru/vul/2024-07771",
"Source": "BDU"
},
{
"RefID": "CVE-2023-37920",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-37920",
"Source": "CVE"
},
{
"RefID": "CVE-2024-39689",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-39689",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-certifi to version 2024.8.30-alt1. \nSecurity Fix(es):\n\n * BDU:2023-05463: Уязвимость корневых сертификатов e-Tugra пакета для проверки надежности сертификатов SSL Certifi, позволяющая нарушителю реализовать атаку типа «человек посередине»\n\n * BDU:2024-07771: Уязвимость пакета для проверки надежности сертификатов SSL Certifi, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю оказать влияние на целостность защищаемой информации\n\n * CVE-2023-37920: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes \"e-Tugra\" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from \"e-Tugra\" from the root store.\n\n * CVE-2024-39689: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified \"long-running and unresolved compliance issues.\"",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-20"
},
"Updated": {
"Date": "2024-12-20"
},
"BDUs": [
{
"ID": "BDU:2023-05463",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-345",
"Href": "https://bdu.fstec.ru/vul/2023-05463",
"Impact": "High",
"Public": "20230725"
},
{
"ID": "BDU:2024-07771",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-345",
"Href": "https://bdu.fstec.ru/vul/2024-07771",
"Impact": "High",
"Public": "20240704"
}
],
"CVEs": [
{
"ID": "CVE-2023-37920",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-37920",
"Impact": "Critical",
"Public": "20230725"
},
{
"ID": "CVE-2024-39689",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-39689",
"Impact": "None",
"Public": "20240705"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202417376001",
"Comment": "python3-module-certifi is earlier than 0:2024.8.30-alt1"
}
]
}
]
}
}
]
}

34
oval/c10f1/ALT-PU-2024-17376/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:5001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202417376001",
"Version": "1",
"Comment": "python3-module-certifi is installed",
"Name": "python3-module-certifi"
}
]
}

23
oval/c10f1/ALT-PU-2024-17376/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:5001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202417376001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2024.8.30-alt1",
"Arch": {},
"EVR": {
"Text": "0:2024.8.30-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c10f1/ALT-PU-2024-17376/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:5001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:5001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:5001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202417376001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-certifi is earlier than 0:2024.8.30-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202417376001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202417376001"
}
}
]
}

29
oval/c9f2/ALT-PU-2024-17009/definitions.json
View File

@ -34,6 +34,11 @@
"RefURL": "https://bdu.fstec.ru/vul/2024-06478",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07097",
"RefURL": "https://bdu.fstec.ru/vul/2024-07097",
"Source": "BDU"
},
{
"RefID": "CVE-2024-41957",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41957",
@ -44,13 +49,18 @@
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-41965",
"Source": "CVE"
},
{
"RefID": "CVE-2024-43374",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-43374",
"Source": "CVE"
},
{
"RefID": "CVE-2024-45306",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45306",
"Source": "CVE"
}
],
"Description": "This update upgrades vim to version 9.1.0917-alt2. \nSecurity Fix(es):\n\n * BDU:2024-06299: Уязвимость компонента File Name Handler текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-06478: Уязвимость функции tagstack_clear_entry() файла src/alloc.c текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2024-41957: Vim is an open source command line text editor. Vim \u003c v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,\nbut it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647\n\n * CVE-2024-41965: Vim is an open source command line text editor. double-free in dialog_changed() in Vim \u003c v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648.\n\n * CVE-2024-45306: Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.\n\n * #49541: vim-common and vim-minimal conflict on merged-usr\n\n * #51821: Для закрытия CVE-2024-43374 необходимо обновить пакет\n\n * #52413: Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch",
"Description": "This update upgrades vim to version 9.1.0917-alt2. \nSecurity Fix(es):\n\n * BDU:2024-06299: Уязвимость компонента File Name Handler текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-06478: Уязвимость функции tagstack_clear_entry() файла src/alloc.c текстового редактора vim, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2024-07097: Уязвимость функции alist_add() текстового редактора vim, позволяющая нарушителю выполнить произвольные автокоманды\n\n * CVE-2024-41957: Vim is an open source command line text editor. Vim \u003c v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points to the same tagstack data, Vim will try to free it again, resulting in a double-free/use-after-free access exception. Impact is low since the user must intentionally execute vim with several non-default flags,\nbut it may cause a crash of Vim. The issue has been fixed as of Vim patch v9.1.0647\n\n * CVE-2024-41965: Vim is an open source command line text editor. double-free in dialog_changed() in Vim \u003c v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648.\n\n * CVE-2024-43374: The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this triggers `Buf*` autocommands. If in such an autocommand the buffer that was just opened is closed (including the window where it is shown), this causes the window structure to be freed which contains a reference to the argument list that we are actually modifying. Once the autocommands are completed, the references to the window and argument list are no longer valid and as such cause an use-after-free. Impact is low since the user must either intentionally add some unusual autocommands that wipe a buffer during creation (either manually or by sourcing a malicious plugin), but it will crash Vim. The issue has been fixed as of Vim patch v9.1.0678.\n\n * CVE-2024-45306: Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of\na line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at\nthe specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade.\n\n * #49541: vim-common and vim-minimal conflict on merged-usr\n\n * #51821: Для закрытия CVE-2024-43374 необходимо обновить пакет\n\n * #52413: Конфликт: файл /usr/share/vim/ftplugin/mediawiki.vim из устанавливаемого пакета vim-plugin-mediawiki-syntax-0.0-alt5.noarch конфликтует с файлом из пакета vim-common-4:9.1.0917-alt1.noarch",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
@ -59,7 +69,7 @@
"Date": "2024-12-17"
},
"Updated": {
"Date": "2024-12-17"
"Date": "2024-12-20"
},
"BDUs": [
{
@ -79,6 +89,15 @@
"Href": "https://bdu.fstec.ru/vul/2024-06478",
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "BDU:2024-07097",
"CVSS": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-07097",
"Impact": "Low",
"Public": "20240815"
}
],
"CVEs": [
@ -98,6 +117,12 @@
"Impact": "Low",
"Public": "20240801"
},
{
"ID": "CVE-2024-43374",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-43374",
"Impact": "None",
"Public": "20240816"
},
{
"ID": "CVE-2024-45306",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",

82
oval/p11/ALT-PU-2023-8446/definitions.json Normal file
View File

@ -0,0 +1,82 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20238446",
"Version": "oval:org.altlinux.errata:def:20238446",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2023-8446: package `python3-module-certifi` update to version 2023.5.7-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2023-8446",
"RefURL": "https://errata.altlinux.org/ALT-PU-2023-8446",
"Source": "ALTPU"
},
{
"RefID": "CVE-2022-23491",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-certifi to version 2023.5.7-alt1. \nSecurity Fix(es):\n\n * CVE-2022-23491: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from \"TrustCor\" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-12-20"
},
"Updated": {
"Date": "2024-12-20"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2022-23491",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491",
"Impact": "High",
"Public": "20221207"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20238446001",
"Comment": "python3-module-certifi is earlier than 0:2023.5.7-alt1"
}
]
}
]
}
}
]
}

34
oval/p11/ALT-PU-2023-8446/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:20238446001",
"Version": "1",
"Comment": "python3-module-certifi is installed",
"Name": "python3-module-certifi"
}
]
}

23
oval/p11/ALT-PU-2023-8446/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:20238446001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2023.5.7-alt1",
"Arch": {},
"EVR": {
"Text": "0:2023.5.7-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p11/ALT-PU-2023-8446/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p11' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:20238446001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-certifi is earlier than 0:2023.5.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:20238446001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:20238446001"
}
}
]
}

1
oval/p9/ALT-PU-2023-1260/definitions.json
View File

@ -256,7 +256,6 @@
{
"ID": "CVE-2006-20001",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2006-20001",
"Impact": "High",
"Public": "20230117"