pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-11-23 15:04:01 +00:00
parent b1153fc0bf
commit 965bfc23c8
35 changed files with 2873 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
oval/c10f1/ALT-PU-2021-2050/definitions.json
View File

@ -121,7 +121,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/c10f1/ALT-PU-2021-2199/definitions.json
View File

@ -140,7 +140,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/c10f1/ALT-PU-2021-2326/definitions.json
View File

@ -330,7 +330,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/c10f1/ALT-PU-2022-1421/definitions.json
View File

@ -1889,7 +1889,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2021-04864",

4
oval/c9f2/ALT-PU-2024-15739/definitions.json
View File

@ -807,10 +807,10 @@
{
"ID": "BDU:2024-08999",
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2024-08999",
"Impact": "Critical",
"Impact": "High",
"Public": "20241002"
},
{

107
oval/c9f2/ALT-PU-2024-15774/definitions.json Normal file
View File

@ -0,0 +1,107 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415774",
"Version": "oval:org.altlinux.errata:def:202415774",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15774: package `python3-module-cryptography` update to version 41.0.7-alt0.c9f2.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15774",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15774",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-02534",
"RefURL": "https://bdu.fstec.ru/vul/2024-02534",
"Source": "BDU"
},
{
"RefID": "CVE-2023-49083",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-49083",
"Source": "CVE"
}
],
"Description": "This update upgrades python3-module-cryptography to version 41.0.7-alt0.c9f2.1. \nSecurity Fix(es):\n\n * BDU:2024-02534: Уязвимость функций load_pem_pkcs7_certificates() и load_der_pkcs7_certificates() пакет cryptography, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-49083: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.\n\n * #48610: Оставляет мусор",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-22"
},
"Updated": {
"Date": "2024-11-22"
},
"BDUs": [
{
"ID": "BDU:2024-02534",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2024-02534",
"Impact": "High",
"Public": "20231129"
}
],
"CVEs": [
{
"ID": "CVE-2023-49083",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-49083",
"Impact": "High",
"Public": "20231129"
}
],
"Bugzilla": [
{
"ID": "48610",
"Href": "https://bugzilla.altlinux.org/48610",
"Data": "Оставляет мусор"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415774001",
"Comment": "python3-module-cryptography is earlier than 0:41.0.7-alt0.c9f2.1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-15774/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415774001",
"Version": "1",
"Comment": "python3-module-cryptography is installed",
"Name": "python3-module-cryptography"
}
]
}

23
oval/c9f2/ALT-PU-2024-15774/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415774001",
"Version": "1",
"Comment": "package EVR is earlier than 0:41.0.7-alt0.c9f2.1",
"Arch": {},
"EVR": {
"Text": "0:41.0.7-alt0.c9f2.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-15774/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415774001",
"Version": "1",
"Check": "all",
"Comment": "python3-module-cryptography is earlier than 0:41.0.7-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415774001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415774001"
}
}
]
}

86
oval/c9f2/ALT-PU-2024-15885/definitions.json Normal file
View File

@ -0,0 +1,86 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415885",
"Version": "oval:org.altlinux.errata:def:202415885",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15885: package `isync` update to version 1.4.4-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15885",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15885",
"Source": "ALTPU"
},
{
"RefID": "CVE-2021-3657",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-3657",
"Source": "CVE"
}
],
"Description": "This update upgrades isync to version 1.4.4-alt1. \nSecurity Fix(es):\n\n * CVE-2021-3657: A flaw was found in mbsync versions prior to 1.4.4. Due to inadequate handling of extremely large (\u003e=2GiB) IMAP literals, malicious or compromised IMAP servers, and hypothetically even external email senders, could cause several different buffer overflows, which could conceivably be exploited for remote code execution.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-22"
},
"Updated": {
"Date": "2024-11-22"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2021-3657",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-3657",
"Impact": "Critical",
"Public": "20220218"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415885001",
"Comment": "isync is earlier than 0:1.4.4-alt1"
}
]
}
]
}
}
]
}

34
oval/c9f2/ALT-PU-2024-15885/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415885001",
"Version": "1",
"Comment": "isync is installed",
"Name": "isync"
}
]
}

23
oval/c9f2/ALT-PU-2024-15885/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415885001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.4.4-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.4.4-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/c9f2/ALT-PU-2024-15885/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415885001",
"Version": "1",
"Check": "all",
"Comment": "isync is earlier than 0:1.4.4-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415885001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415885001"
}
}
]
}

213
oval/c9f2/ALT-PU-2024-15905/definitions.json Normal file
View File

@ -0,0 +1,213 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415905",
"Version": "oval:org.altlinux.errata:def:202415905",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15905: package `postgresql12` update to version 12.22-alt0.c9f2.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15905",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15905",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-09679",
"RefURL": "https://bdu.fstec.ru/vul/2024-09679",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09681",
"RefURL": "https://bdu.fstec.ru/vul/2024-09681",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09682",
"RefURL": "https://bdu.fstec.ru/vul/2024-09682",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09684",
"RefURL": "https://bdu.fstec.ru/vul/2024-09684",
"Source": "BDU"
},
{
"RefID": "CVE-2024-10976",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10976",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10977",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10977",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10978",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10978",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10979",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10979",
"Source": "CVE"
}
],
"Description": "This update upgrades postgresql12 to version 12.22-alt0.c9f2.1. \nSecurity Fix(es):\n\n * BDU:2024-09679: Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-09681: Уязвимость команд SET ROLE, SET SESSION системы управления базами данных PostgreSQL, позволяющая нарушителю повысить свои привилегии и получить доступ к защищаемой информации\n\n * BDU:2024-09682: Уязвимость компонента libpq системы управления базами данных PostgreSQL, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить атаку типа «человек посередине»\n\n * BDU:2024-09684: Уязвимость политики безопасности таблиц с защитой строк CREATE POLICY системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольные команды\n\n * CVE-2024-10976: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10977: Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10978: Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies. Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10979: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-22"
},
"Updated": {
"Date": "2024-11-22"
},
"BDUs": [
{
"ID": "BDU:2024-09679",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-15, CWE-264",
"Href": "https://bdu.fstec.ru/vul/2024-09679",
"Impact": "High",
"Public": "20241114"
},
{
"ID": "BDU:2024-09681",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-264, CWE-266",
"Href": "https://bdu.fstec.ru/vul/2024-09681",
"Impact": "Low",
"Public": "20241114"
},
{
"ID": "BDU:2024-09682",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-264, CWE-348",
"Href": "https://bdu.fstec.ru/vul/2024-09682",
"Impact": "Low",
"Public": "20241114"
},
{
"ID": "BDU:2024-09684",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-264, CWE-1250",
"Href": "https://bdu.fstec.ru/vul/2024-09684",
"Impact": "Low",
"Public": "20241114"
}
],
"CVEs": [
{
"ID": "CVE-2024-10976",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10976",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10977",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10977",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10978",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10978",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10979",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10979",
"Impact": "None",
"Public": "20241114"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415905001",
"Comment": "libecpg6 is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905002",
"Comment": "libpq5 is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905003",
"Comment": "postgresql-devel is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905004",
"Comment": "postgresql-devel-static is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905005",
"Comment": "postgresql12 is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905006",
"Comment": "postgresql12-contrib is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905007",
"Comment": "postgresql12-docs is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905008",
"Comment": "postgresql12-perl is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905009",
"Comment": "postgresql12-python is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905010",
"Comment": "postgresql12-server is earlier than 0:12.22-alt0.c9f2.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415905011",
"Comment": "postgresql12-tcl is earlier than 0:12.22-alt0.c9f2.1"
}
]
}
]
}
}
]
}

94
oval/c9f2/ALT-PU-2024-15905/objects.json Normal file
View File

@ -0,0 +1,94 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415905001",
"Version": "1",
"Comment": "libecpg6 is installed",
"Name": "libecpg6"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905002",
"Version": "1",
"Comment": "libpq5 is installed",
"Name": "libpq5"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905003",
"Version": "1",
"Comment": "postgresql-devel is installed",
"Name": "postgresql-devel"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905004",
"Version": "1",
"Comment": "postgresql-devel-static is installed",
"Name": "postgresql-devel-static"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905005",
"Version": "1",
"Comment": "postgresql12 is installed",
"Name": "postgresql12"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905006",
"Version": "1",
"Comment": "postgresql12-contrib is installed",
"Name": "postgresql12-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905007",
"Version": "1",
"Comment": "postgresql12-docs is installed",
"Name": "postgresql12-docs"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905008",
"Version": "1",
"Comment": "postgresql12-perl is installed",
"Name": "postgresql12-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905009",
"Version": "1",
"Comment": "postgresql12-python is installed",
"Name": "postgresql12-python"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905010",
"Version": "1",
"Comment": "postgresql12-server is installed",
"Name": "postgresql12-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202415905011",
"Version": "1",
"Comment": "postgresql12-tcl is installed",
"Name": "postgresql12-tcl"
}
]
}

23
oval/c9f2/ALT-PU-2024-15905/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415905001",
"Version": "1",
"Comment": "package EVR is earlier than 0:12.22-alt0.c9f2.1",
"Arch": {},
"EVR": {
"Text": "0:12.22-alt0.c9f2.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

150
oval/c9f2/ALT-PU-2024-15905/tests.json Normal file
View File

@ -0,0 +1,150 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415905001",
"Version": "1",
"Check": "all",
"Comment": "libecpg6 is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905002",
"Version": "1",
"Check": "all",
"Comment": "libpq5 is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905003",
"Version": "1",
"Check": "all",
"Comment": "postgresql-devel is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905004",
"Version": "1",
"Check": "all",
"Comment": "postgresql-devel-static is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905005",
"Version": "1",
"Check": "all",
"Comment": "postgresql12 is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905006",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-contrib is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905007",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-docs is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905008",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-perl is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905009",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-python is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905010",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-server is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415905011",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-tcl is earlier than 0:12.22-alt0.c9f2.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415905011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415905001"
}
}
]
}

197
oval/c9f2/ALT-PU-2024-15907/definitions.json Normal file
View File

@ -0,0 +1,197 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415907",
"Version": "oval:org.altlinux.errata:def:202415907",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15907: package `postgresql12-1C` update to version 12.20-alt0.c9f2.3",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15907",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15907",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-09679",
"RefURL": "https://bdu.fstec.ru/vul/2024-09679",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09681",
"RefURL": "https://bdu.fstec.ru/vul/2024-09681",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09682",
"RefURL": "https://bdu.fstec.ru/vul/2024-09682",
"Source": "BDU"
},
{
"RefID": "BDU:2024-09684",
"RefURL": "https://bdu.fstec.ru/vul/2024-09684",
"Source": "BDU"
},
{
"RefID": "CVE-2024-10976",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10976",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10977",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10977",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10978",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10978",
"Source": "CVE"
},
{
"RefID": "CVE-2024-10979",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-10979",
"Source": "CVE"
}
],
"Description": "This update upgrades postgresql12-1C to version 12.20-alt0.c9f2.3. \nSecurity Fix(es):\n\n * BDU:2024-09679: Уязвимость переменных среды PL/Perl системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-09681: Уязвимость команд SET ROLE, SET SESSION системы управления базами данных PostgreSQL, позволяющая нарушителю повысить свои привилегии и получить доступ к защищаемой информации\n\n * BDU:2024-09682: Уязвимость компонента libpq системы управления базами данных PostgreSQL, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить атаку типа «человек посередине»\n\n * BDU:2024-09684: Уязвимость политики безопасности таблиц с защитой строк CREATE POLICY системы управления базами данных PostgreSQL, позволяющая нарушителю выполнить произвольные команды\n\n * CVE-2024-10976: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy. This has the same consequences as the two earlier CVEs. That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY to define a row security policy. An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10977: Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistakes for valid query results. This is probably not a concern for clients where the user interface unambiguously indicates the boundary between one error message and other text. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10978: Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies. Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.\n\n * CVE-2024-10979: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-22"
},
"Updated": {
"Date": "2024-11-22"
},
"BDUs": [
{
"ID": "BDU:2024-09679",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-15, CWE-264",
"Href": "https://bdu.fstec.ru/vul/2024-09679",
"Impact": "High",
"Public": "20241114"
},
{
"ID": "BDU:2024-09681",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-264, CWE-266",
"Href": "https://bdu.fstec.ru/vul/2024-09681",
"Impact": "Low",
"Public": "20241114"
},
{
"ID": "BDU:2024-09682",
"CVSS": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-264, CWE-348",
"Href": "https://bdu.fstec.ru/vul/2024-09682",
"Impact": "Low",
"Public": "20241114"
},
{
"ID": "BDU:2024-09684",
"CVSS": "AV:N/AC:H/Au:S/C:P/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-264, CWE-1250",
"Href": "https://bdu.fstec.ru/vul/2024-09684",
"Impact": "Low",
"Public": "20241114"
}
],
"CVEs": [
{
"ID": "CVE-2024-10976",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10976",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10977",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10977",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10978",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10978",
"Impact": "None",
"Public": "20241114"
},
{
"ID": "CVE-2024-10979",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-10979",
"Impact": "None",
"Public": "20241114"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415907001",
"Comment": "postgresql12-1C is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907002",
"Comment": "postgresql12-1C-contrib is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907003",
"Comment": "postgresql12-1C-docs is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907004",
"Comment": "postgresql12-1C-perl is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907005",
"Comment": "postgresql12-1C-python is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907006",
"Comment": "postgresql12-1C-server is earlier than 0:12.20-alt0.c9f2.3"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415907007",
"Comment": "postgresql12-1C-tcl is earlier than 0:12.20-alt0.c9f2.3"
}
]
}
]
}
}
]
}

70
oval/c9f2/ALT-PU-2024-15907/objects.json Normal file
View File

@ -0,0 +1,70 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415907001",
"Version": "1",
"Comment": "postgresql12-1C is installed",
"Name": "postgresql12-1C"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907002",
"Version": "1",
"Comment": "postgresql12-1C-contrib is installed",
"Name": "postgresql12-1C-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907003",
"Version": "1",
"Comment": "postgresql12-1C-docs is installed",
"Name": "postgresql12-1C-docs"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907004",
"Version": "1",
"Comment": "postgresql12-1C-perl is installed",
"Name": "postgresql12-1C-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907005",
"Version": "1",
"Comment": "postgresql12-1C-python is installed",
"Name": "postgresql12-1C-python"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907006",
"Version": "1",
"Comment": "postgresql12-1C-server is installed",
"Name": "postgresql12-1C-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202415907007",
"Version": "1",
"Comment": "postgresql12-1C-tcl is installed",
"Name": "postgresql12-1C-tcl"
}
]
}

23
oval/c9f2/ALT-PU-2024-15907/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415907001",
"Version": "1",
"Comment": "package EVR is earlier than 0:12.20-alt0.c9f2.3",
"Arch": {},
"EVR": {
"Text": "0:12.20-alt0.c9f2.3",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

102
oval/c9f2/ALT-PU-2024-15907/tests.json Normal file
View File

@ -0,0 +1,102 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415907001",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907002",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-contrib is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907003",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-docs is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907004",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-perl is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907005",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-python is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907006",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-server is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415907007",
"Version": "1",
"Check": "all",
"Comment": "postgresql12-1C-tcl is earlier than 0:12.20-alt0.c9f2.3",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415907007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415907001"
}
}
]
}

578
oval/c9f2/ALT-PU-2024-15954/definitions.json Normal file
View File

File diff suppressed because one or more lines are too long

40
oval/c9f2/ALT-PU-2024-15954/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415954001",
"Version": "1",
"Comment": "libpjsip is installed",
"Name": "libpjsip"
},
{
"ID": "oval:org.altlinux.errata:obj:202415954002",
"Version": "1",
"Comment": "libpjsip-devel is installed",
"Name": "libpjsip-devel"
}
]
}

23
oval/c9f2/ALT-PU-2024-15954/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415954001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2.14.1-alt1",
"Arch": {},
"EVR": {
"Text": "0:2.14.1-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c9f2/ALT-PU-2024-15954/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415954001",
"Version": "1",
"Check": "all",
"Comment": "libpjsip is earlier than 0:2.14.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415954001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415954001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415954002",
"Version": "1",
"Check": "all",
"Comment": "libpjsip-devel is earlier than 0:2.14.1-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415954002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415954001"
}
}
]
}

2
oval/p10/ALT-PU-2021-2050/definitions.json
View File

@ -126,7 +126,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/p10/ALT-PU-2021-2199/definitions.json
View File

@ -145,7 +145,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/p10/ALT-PU-2021-2326/definitions.json
View File

@ -335,7 +335,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/p10/ALT-PU-2022-1421/definitions.json
View File

@ -1894,7 +1894,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2021-04864",

366
oval/p10/ALT-PU-2024-15832/definitions.json Normal file
View File

@ -0,0 +1,366 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202415832",
"Version": "oval:org.altlinux.errata:def:202415832",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-15832: package `zabbix` update to version 6.0.36-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-15832",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-15832",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-03942",
"RefURL": "https://bdu.fstec.ru/vul/2024-03942",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06995",
"RefURL": "https://bdu.fstec.ru/vul/2024-06995",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07007",
"RefURL": "https://bdu.fstec.ru/vul/2024-07007",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07008",
"RefURL": "https://bdu.fstec.ru/vul/2024-07008",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07009",
"RefURL": "https://bdu.fstec.ru/vul/2024-07009",
"Source": "BDU"
},
{
"RefID": "BDU:2024-07010",
"RefURL": "https://bdu.fstec.ru/vul/2024-07010",
"Source": "BDU"
},
{
"RefID": "CVE-2024-22114",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22114",
"Source": "CVE"
},
{
"RefID": "CVE-2024-22120",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22120",
"Source": "CVE"
},
{
"RefID": "CVE-2024-22121",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22121",
"Source": "CVE"
},
{
"RefID": "CVE-2024-22122",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22122",
"Source": "CVE"
},
{
"RefID": "CVE-2024-22123",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-22123",
"Source": "CVE"
},
{
"RefID": "CVE-2024-36460",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-36460",
"Source": "CVE"
},
{
"RefID": "CVE-2024-36461",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-36461",
"Source": "CVE"
}
],
"Description": "This update upgrades zabbix to version 6.0.36-alt0.p10.1. \nSecurity Fix(es):\n\n * BDU:2024-03942: Уязвимость сервера универсальной системы мониторинга Zabbix Workstation, связанная с ошибками при обработке входных данных, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-06995: Уязвимость универсальной системы мониторинга Zabbix, связанная с ненадлежащим сохранением разрешений, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2024-07007: Уязвимость универсальной системы мониторинга Zabbix, связанная с неправильной нейтрализацией специальных элементов, используемых в команде, позволяющая нарушителю выполнить дополнительные AT-команды на модеме\n\n * BDU:2024-07008: Уязвимость универсальной системы мониторинга Zabbix, связанная с хранением пароля в открытом виде, позволяющая нарушителю получить доступ к конфиденциальной информации\n\n * BDU:2024-07009: Уязвимость универсальной системы мониторинга Zabbix, связанная с неправильным контролем генерации кода, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2024-07010: Уязвимость универсальной системы мониторинга Zabbix, связанная с разыменованием ненадежного указателя, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2024-22114: User with no permission to any of the Hosts can access and view host count \u0026 other statistics through System Information Widget in Global View Dashboard.\n\n * CVE-2024-22120: Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to \"Audit Log\". Due to \"clientip\" field is not sanitized, it is possible to injection SQL into \"clientip\" and exploit time based blind SQL injection.\n\n * CVE-2024-22121: A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application.\n\n * CVE-2024-22122: Zabbix allows to configure SMS notifications. AT command injection occurs on \"Zabbix Server\" because there is no validation of \"Number\" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem.\n\n * CVE-2024-22123: Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI.\n\n * CVE-2024-36460: The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text.\n\n * CVE-2024-36461: Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-11-22"
},
"Updated": {
"Date": "2024-11-22"
},
"BDUs": [
{
"ID": "BDU:2024-03942",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2024-03942",
"Impact": "Critical",
"Public": "20240517"
},
{
"ID": "BDU:2024-06995",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:C/A:P",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"CWE": "CWE-281",
"Href": "https://bdu.fstec.ru/vul/2024-06995",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "BDU:2024-07007",
"CVSS": "AV:N/AC:H/Au:M/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
"CWE": "CWE-77",
"Href": "https://bdu.fstec.ru/vul/2024-07007",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "BDU:2024-07008",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:N",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"CWE": "CWE-256",
"Href": "https://bdu.fstec.ru/vul/2024-07008",
"Impact": "High",
"Public": "20240812"
},
{
"ID": "BDU:2024-07009",
"CVSS": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"CVSS3": "AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"CWE": "CWE-94",
"Href": "https://bdu.fstec.ru/vul/2024-07009",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "BDU:2024-07010",
"CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:C",
"CVSS3": "AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
"CWE": "CWE-822",
"Href": "https://bdu.fstec.ru/vul/2024-07010",
"Impact": "Critical",
"Public": "20240812"
}
],
"CVEs": [
{
"ID": "CVE-2024-22114",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22114",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-22120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22120",
"Impact": "None",
"Public": "20240517"
},
{
"ID": "CVE-2024-22121",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22121",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-22122",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22122",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-22123",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-22123",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-36460",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-36460",
"Impact": "None",
"Public": "20240812"
},
{
"ID": "CVE-2024-36461",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-36461",
"Impact": "None",
"Public": "20240812"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202415832001",
"Comment": "zabbix-agent is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832002",
"Comment": "zabbix-agent-sudo is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832003",
"Comment": "zabbix-agent2 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832004",
"Comment": "zabbix-common is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832005",
"Comment": "zabbix-common-database-mysql is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832006",
"Comment": "zabbix-common-database-pgsql is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832007",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832008",
"Comment": "zabbix-contrib is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832009",
"Comment": "zabbix-doc is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832010",
"Comment": "zabbix-java-gateway is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832011",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832012",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832013",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832014",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832015",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832016",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832017",
"Comment": "zabbix-phpfrontend-php7 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832018",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832019",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832020",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832021",
"Comment": "zabbix-proxy is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832022",
"Comment": "zabbix-proxy-common is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832023",
"Comment": "zabbix-proxy-pgsql is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832024",
"Comment": "zabbix-server-common is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832025",
"Comment": "zabbix-server-mysql is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832026",
"Comment": "zabbix-server-pgsql is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832027",
"Comment": "zabbix-source is earlier than 1:6.0.36-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202415832028",
"Comment": "zabbix-web-service is earlier than 1:6.0.36-alt0.p10.1"
}
]
}
]
}
}
]
}

196
oval/p10/ALT-PU-2024-15832/objects.json Normal file
View File

@ -0,0 +1,196 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202415832001",
"Version": "1",
"Comment": "zabbix-agent is installed",
"Name": "zabbix-agent"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832002",
"Version": "1",
"Comment": "zabbix-agent-sudo is installed",
"Name": "zabbix-agent-sudo"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832003",
"Version": "1",
"Comment": "zabbix-agent2 is installed",
"Name": "zabbix-agent2"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832004",
"Version": "1",
"Comment": "zabbix-common is installed",
"Name": "zabbix-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832005",
"Version": "1",
"Comment": "zabbix-common-database-mysql is installed",
"Name": "zabbix-common-database-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832006",
"Version": "1",
"Comment": "zabbix-common-database-pgsql is installed",
"Name": "zabbix-common-database-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832007",
"Version": "1",
"Comment": "zabbix-common-database-sqlite3 is installed",
"Name": "zabbix-common-database-sqlite3"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832008",
"Version": "1",
"Comment": "zabbix-contrib is installed",
"Name": "zabbix-contrib"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832009",
"Version": "1",
"Comment": "zabbix-doc is installed",
"Name": "zabbix-doc"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832010",
"Version": "1",
"Comment": "zabbix-java-gateway is installed",
"Name": "zabbix-java-gateway"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832011",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2 is installed",
"Name": "zabbix-phpfrontend-apache2"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832012",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php7"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832013",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832014",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832015",
"Version": "1",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is installed",
"Name": "zabbix-phpfrontend-apache2-mod_php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832016",
"Version": "1",
"Comment": "zabbix-phpfrontend-engine is installed",
"Name": "zabbix-phpfrontend-engine"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832017",
"Version": "1",
"Comment": "zabbix-phpfrontend-php7 is installed",
"Name": "zabbix-phpfrontend-php7"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832018",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.0 is installed",
"Name": "zabbix-phpfrontend-php8.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832019",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.1 is installed",
"Name": "zabbix-phpfrontend-php8.1"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832020",
"Version": "1",
"Comment": "zabbix-phpfrontend-php8.2 is installed",
"Name": "zabbix-phpfrontend-php8.2"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832021",
"Version": "1",
"Comment": "zabbix-proxy is installed",
"Name": "zabbix-proxy"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832022",
"Version": "1",
"Comment": "zabbix-proxy-common is installed",
"Name": "zabbix-proxy-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832023",
"Version": "1",
"Comment": "zabbix-proxy-pgsql is installed",
"Name": "zabbix-proxy-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832024",
"Version": "1",
"Comment": "zabbix-server-common is installed",
"Name": "zabbix-server-common"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832025",
"Version": "1",
"Comment": "zabbix-server-mysql is installed",
"Name": "zabbix-server-mysql"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832026",
"Version": "1",
"Comment": "zabbix-server-pgsql is installed",
"Name": "zabbix-server-pgsql"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832027",
"Version": "1",
"Comment": "zabbix-source is installed",
"Name": "zabbix-source"
},
{
"ID": "oval:org.altlinux.errata:obj:202415832028",
"Version": "1",
"Comment": "zabbix-web-service is installed",
"Name": "zabbix-web-service"
}
]
}

23
oval/p10/ALT-PU-2024-15832/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202415832001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.0.36-alt0.p10.1",
"Arch": {},
"EVR": {
"Text": "1:6.0.36-alt0.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

354
oval/p10/ALT-PU-2024-15832/tests.json Normal file
View File

@ -0,0 +1,354 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202415832001",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832002",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent-sudo is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832003",
"Version": "1",
"Check": "all",
"Comment": "zabbix-agent2 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832004",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832005",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-mysql is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832006",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-pgsql is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832007",
"Version": "1",
"Check": "all",
"Comment": "zabbix-common-database-sqlite3 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832008",
"Version": "1",
"Check": "all",
"Comment": "zabbix-contrib is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832009",
"Version": "1",
"Check": "all",
"Comment": "zabbix-doc is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832010",
"Version": "1",
"Check": "all",
"Comment": "zabbix-java-gateway is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832011",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832011"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832012",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php7 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832012"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832013",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.0 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832013"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832014",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.1 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832014"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832015",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-apache2-mod_php8.2 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832015"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832016",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-engine is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832016"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832017",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php7 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832017"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832018",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.0 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832018"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832019",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.1 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832019"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832020",
"Version": "1",
"Check": "all",
"Comment": "zabbix-phpfrontend-php8.2 is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832020"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832021",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832021"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832022",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-common is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832022"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832023",
"Version": "1",
"Check": "all",
"Comment": "zabbix-proxy-pgsql is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832023"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832024",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-common is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832024"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832025",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-mysql is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832025"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832026",
"Version": "1",
"Check": "all",
"Comment": "zabbix-server-pgsql is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832026"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832027",
"Version": "1",
"Check": "all",
"Comment": "zabbix-source is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832027"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202415832028",
"Version": "1",
"Check": "all",
"Comment": "zabbix-web-service is earlier than 1:6.0.36-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202415832028"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202415832001"
}
}
]
}

2
oval/p9/ALT-PU-2021-2330/definitions.json
View File

@ -335,7 +335,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2022-00513",

2
oval/p9/ALT-PU-2021-3481/definitions.json
View File

@ -571,7 +571,7 @@
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-04859",
"Impact": "Low",
"Public": "20210530"
"Public": "20210531"
},
{
"ID": "BDU:2021-04867",