From d90dee0dc21b8437c2bb205020c59b23bb1d026c Mon Sep 17 00:00:00 2001 From: pepelyaevip Date: Fri, 13 Dec 2024 03:06:47 +0000 Subject: [PATCH] ALT Vulnerability --- oval/c10f1/ALT-PU-2024-16754/definitions.json | 237 ++++++++++++++++++ oval/c10f1/ALT-PU-2024-16754/objects.json | 34 +++ oval/c10f1/ALT-PU-2024-16754/states.json | 23 ++ oval/c10f1/ALT-PU-2024-16754/tests.json | 30 +++ oval/p10/ALT-PU-2024-16506/definitions.json | 192 ++++++++++++++ oval/p10/ALT-PU-2024-16506/objects.json | 76 ++++++ oval/p10/ALT-PU-2024-16506/states.json | 23 ++ oval/p10/ALT-PU-2024-16506/tests.json | 114 +++++++++ 8 files changed, 729 insertions(+) create mode 100644 oval/c10f1/ALT-PU-2024-16754/definitions.json create mode 100644 oval/c10f1/ALT-PU-2024-16754/objects.json create mode 100644 oval/c10f1/ALT-PU-2024-16754/states.json create mode 100644 oval/c10f1/ALT-PU-2024-16754/tests.json create mode 100644 oval/p10/ALT-PU-2024-16506/definitions.json create mode 100644 oval/p10/ALT-PU-2024-16506/objects.json create mode 100644 oval/p10/ALT-PU-2024-16506/states.json create mode 100644 oval/p10/ALT-PU-2024-16506/tests.json diff --git a/oval/c10f1/ALT-PU-2024-16754/definitions.json b/oval/c10f1/ALT-PU-2024-16754/definitions.json new file mode 100644 index 0000000000..b60389aa67 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-16754/definitions.json 
@@ -0,0 +1,237 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202416754", + "Version": "oval:org.altlinux.errata:def:202416754", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-16754: package `traefik` update to version 2.11.14-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch c10f1" + ], + "Products": [ + "ALT SP Workstation", + "ALT SP Server" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-16754", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-16754", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2024-02688", + "RefURL": "https://bdu.fstec.ru/vul/2024-02688", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-03542", + "RefURL": "https://bdu.fstec.ru/vul/2024-03542", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-04486", + "RefURL": "https://bdu.fstec.ru/vul/2024-04486", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-04789", + "RefURL": "https://bdu.fstec.ru/vul/2024-04789", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-07712", + "RefURL": "https://bdu.fstec.ru/vul/2024-07712", + "Source": "BDU" + }, + { + "RefID": "CVE-2023-45288", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-24787", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-24787", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-24790", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-28869", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-35255", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-39321", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-45410", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-45410", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-52003", + "RefURL": 
"https://nvd.nist.gov/vuln/detail/CVE-2024-52003", + "Source": "CVE" + } + ], + "Description": "This update upgrades traefik to version 2.11.14-alt1. \nSecurity Fix(es):\n\n * BDU:2024-02688: Уязвимость библиотек net/http и net/http2 языка программирования Go, связана с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-03542: Уязвимость обратного прокси сервера Containous Traefik, связанная с недостаточной обработкой исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-04486: Уязвимость компонента net-netip языка программирования Golang, связанная с неправильным контролем доступа, позволяющая нарушителю обойти существующую политику ограничения доступа\n\n * BDU:2024-04789: Уязвимость компонентов DefaultAzureCredential и ManagedIdentityCredential библиотек аутентификации Azure Identity Libraries и Microsoft Authentication Library, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2024-07712: Уязвимость обратного прокси сервера Containous Traefik, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-45288: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. 
The fix sets a limit on the amount of excess header frames we will process before closing a connection.\n\n * CVE-2024-24787: On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.\n\n * CVE-2024-24790: The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.\n\n * CVE-2024-28869: Traefik is an HTTP reverse proxy and load balancer. In affected versions sending a GET request to any Traefik endpoint with the \"Content-length\" request header results in an indefinite hang with the default configuration. This vulnerability can be exploited by attackers to induce a denial of service. This vulnerability has been addressed in version 2.11.2 and 3.0.0-rc5. Users are advised to upgrade. For affected versions, this vulnerability can be mitigated by configuring the readTimeout option.\n\n\n * CVE-2024-35255: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability\n\n * CVE-2024-39321: Traefik is an HTTP reverse proxy and load balancer. Versions prior to 2.11.6, 3.0.4, and 3.1.0-rc3 have a vulnerability that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses. Versions 2.11.6, 3.0.4, and 3.1.0-rc3 contain a patch for this issue. No known workarounds are available.\n\n * CVE-2024-45410: Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modify these headers. 
Since the application trusts the value of these headers, security implications might arise, if they can be modified. For HTTP/1.1, however, it was found that some of theses custom headers can indeed be removed and in certain cases manipulated. The attack relies on the HTTP/1.1 behavior, that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been addressed in release versions 2.11.9 and 3.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n * CVE-2024-52003: Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the client to provide the X-Forwarded-Prefix header from an untrusted source. This issue has been addressed in versions 2.11.14 and 3.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Critical", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-12-12" + }, + "Updated": { + "Date": "2024-12-12" + }, + "BDUs": [ + { + "ID": "BDU:2024-02688", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "CWE": "CWE-400", + "Href": "https://bdu.fstec.ru/vul/2024-02688", + "Impact": "Low", + "Public": "20240404" + }, + { + "ID": "BDU:2024-03542", + "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "CWE": "CWE-755", + "Href": "https://bdu.fstec.ru/vul/2024-03542", + "Impact": "High", + "Public": "20240311" + }, + { + "ID": "BDU:2024-04486", + "CVSS": "AV:L/AC:H/Au:N/C:P/I:C/A:P", + "CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L", + "CWE": "CWE-284", + "Href": "https://bdu.fstec.ru/vul/2024-04486", + "Impact": "Low", + "Public": "20240605" + }, + { + "ID": "BDU:2024-04789", + "CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N", + "CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "CWE": "CWE-362", + "Href": "https://bdu.fstec.ru/vul/2024-04789", + 
"Impact": "Low", + "Public": "20240611" + }, + { + "ID": "BDU:2024-07712", + "CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C", + "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "CWE": "CWE-345, CWE-348", + "Href": "https://bdu.fstec.ru/vul/2024-07712", + "Impact": "Critical", + "Public": "20240828" + } + ], + "CVEs": [ + { + "ID": "CVE-2023-45288", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288", + "Impact": "None", + "Public": "20240404" + }, + { + "ID": "CVE-2024-24787", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-24787", + "Impact": "None", + "Public": "20240508" + }, + { + "ID": "CVE-2024-24790", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", + "Impact": "Critical", + "Public": "20240605" + }, + { + "ID": "CVE-2024-28869", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869", + "Impact": "None", + "Public": "20240412" + }, + { + "ID": "CVE-2024-35255", + "CWE": "CWE-362", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-35255", + "Impact": "None", + "Public": "20240611" + }, + { + "ID": "CVE-2024-39321", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321", + "Impact": "None", + "Public": "20240705" + }, + { + "ID": "CVE-2024-45410", + "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "CWE": "CWE-345", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-45410", + "Impact": "High", + "Public": "20240919" + }, + { + "ID": "CVE-2024-52003", + "CWE": "CWE-601", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-52003", + "Impact": "None", + "Public": "20241129" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:spworkstation:10", + "cpe:/o:alt:spserver:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:5001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": 
"oval:org.altlinux.errata:tst:202416754001", + "Comment": "traefik is earlier than 0:2.11.14-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-16754/objects.json b/oval/c10f1/ALT-PU-2024-16754/objects.json new file mode 100644 index 0000000000..5873ade842 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-16754/objects.json @@ -0,0 +1,34 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:5001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202416754001", + "Version": "1", + "Comment": "traefik is installed", + "Name": "traefik" + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-16754/states.json b/oval/c10f1/ALT-PU-2024-16754/states.json new file mode 100644 index 0000000000..1779b22307 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-16754/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:5001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202416754001", + "Version": "1", + "Comment": "package EVR is earlier than 0:2.11.14-alt1", + "Arch": {}, + "EVR": { + "Text": "0:2.11.14-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/c10f1/ALT-PU-2024-16754/tests.json b/oval/c10f1/ALT-PU-2024-16754/tests.json new file mode 100644 index 0000000000..5886b96c55 --- /dev/null +++ b/oval/c10f1/ALT-PU-2024-16754/tests.json 
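Review bot: Six entries under `Advisory.CVEs` in oval/c10f1/ALT-PU-2024-16754/definitions.json (CVE-2023-45288, CVE-2024-24787, CVE-2024-28869, CVE-2024-35255, CVE-2024-39321, CVE-2024-52003) carry `"Impact": "None"` with no `CVSS3` vector, while the advisory is `"Severity": "Critical"` and the description of CVE-2024-28869 names a remotely triggered denial of service. `None` here presumably means "not scored yet" rather than "no impact", but a consumer that filters or sorts on per-CVE `Impact` cannot tell the two apart and will rank these below the scored entries. I would omit `Impact` for unscored CVEs, or document the sentinel, and refresh the scores before publishing. Separately, the definition's `"Version"` repeats the ID string, whereas every object, state and test in this commit uses `"Version": "1"`; oval/p10/ALT-PU-2024-16506/definitions.json has the same.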
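Review bot: The platform check in oval/c10f1/ALT-PU-2024-16754/objects.json does not pin the release it claims to test. The `Pattern` of obj:5001 captures the version with `(\d+)`, but the state it is paired with (ste:5001 in states.json) has an empty `"Text": {}`, so as far as these files show nothing compares the captured value with 10. A host whose `/etc/os-release` carries an `spserver` or `spworkstation` CPE of any version would then satisfy "ALT Linux based on branch 'c10f1' must be installed", and the traefik EVR comparison would be evaluated against packages from another branch. I would have ste:5001 require the captured group to equal `10` and tie the pattern to the `CPE_NAME=` line; how the consumer treats an empty state is not visible here, so confirm that first. obj:2001 and ste:2001 in the p10 files have the same shape.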
@@ -0,0 +1,30 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:5001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'c10f1' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:5001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:5001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202416754001", + "Version": "1", + "Check": "all", + "Comment": "traefik is earlier than 0:2.11.14-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416754001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416754001" + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-16506/definitions.json b/oval/p10/ALT-PU-2024-16506/definitions.json new file mode 100644 index 0000000000..05c842e967 --- /dev/null +++ b/oval/p10/ALT-PU-2024-16506/definitions.json 
@@ -0,0 +1,192 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202416506", + "Version": "oval:org.altlinux.errata:def:202416506", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-16506: package `java-17-openjdk` update to version 17.0.13.0.11-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p10" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit", + "ALT Container" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-16506", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-16506", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2024-08450", + "RefURL": "https://bdu.fstec.ru/vul/2024-08450", + "Source": "BDU" + }, + { + "RefID": "BDU:2024-08451", + "RefURL": "https://bdu.fstec.ru/vul/2024-08451", + "Source": "BDU" + }, + { + "RefID": "CVE-2024-21208", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21208", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-21210", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21210", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-21217", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21217", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-21235", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-21235", + "Source": "CVE" + } + ], + "Description": "This update upgrades java-17-openjdk to version 17.0.13.0.11-alt1. 
\nSecurity Fix(es):\n\n * BDU:2024-08450: Уязвимость компонента Serialization виртуальных машин Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK и программной платформы Oracle Java SE, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-08451: Уязвимость компонента Hotspot виртуальных машин Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK и программной платформы Oracle Java SE, позволяющая нарушителю получить несанкционированный доступ на чтение, изменение или удаление данных\n\n * CVE-2024-21208: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n\n * CVE-2024-21210: Vulnerability in Oracle Java SE (component: Hotspot). 
Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).\n\n * CVE-2024-21217: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. 
This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n\n * CVE-2024-21235: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-12-12" + }, + "Updated": { + "Date": "2024-12-12" + }, + "BDUs": [ + { + "ID": "BDU:2024-08450", + "CVSS": "AV:N/AC:H/Au:N/C:N/I:N/A:P", + "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "CWE": "CWE-404", + "Href": "https://bdu.fstec.ru/vul/2024-08450", + "Impact": "Low", + "Public": "20231207" + }, + { + "ID": "BDU:2024-08451", + "CVSS": "AV:N/AC:H/Au:N/C:P/I:P/A:N", + "CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "CWE": "CWE-404", + "Href": "https://bdu.fstec.ru/vul/2024-08451", + "Impact": "Low", + "Public": "20231207" + } + ], + "CVEs": [ + { + "ID": "CVE-2024-21208", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21208", + "Impact": "Low", + "Public": "20241015" + }, + { + "ID": "CVE-2024-21210", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21210", + "Impact": "Low", + "Public": "20241015" + }, + { + "ID": "CVE-2024-21217", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21217", + "Impact": "Low", + "Public": "20241015" + }, + { + "ID": "CVE-2024-21235", + "CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "CWE": "NVD-CWE-noinfo", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-21235", + "Impact": "Low", + "Public": "20241015" + } + ], + "AffectedCPEs": { + "CPEs": [ + "cpe:/o:alt:kworkstation:10", + "cpe:/o:alt:workstation:10", + "cpe:/o:alt:server:10", + "cpe:/o:alt:server-v:10", + "cpe:/o:alt:education:10", + "cpe:/o:alt:slinux:10", + "cpe:/o:alt:starterkit:10", + "cpe:/o:alt:starterkit:p10", + "cpe:/o:alt:container:10" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": 
"oval:org.altlinux.errata:tst:2001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:202416506001", + "Comment": "java-17-openjdk is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506002", + "Comment": "java-17-openjdk-demo is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506003", + "Comment": "java-17-openjdk-devel is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506004", + "Comment": "java-17-openjdk-headless is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506005", + "Comment": "java-17-openjdk-javadoc is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506006", + "Comment": "java-17-openjdk-javadoc-zip is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506007", + "Comment": "java-17-openjdk-jmods is earlier than 0:17.0.13.0.11-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:202416506008", + "Comment": "java-17-openjdk-src is earlier than 0:17.0.13.0.11-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-16506/objects.json b/oval/p10/ALT-PU-2024-16506/objects.json new file mode 100644 index 0000000000..a0ea2af5b2 --- /dev/null +++ b/oval/p10/ALT-PU-2024-16506/objects.json 
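Review bot: Both `BDUs` entries in oval/p10/ALT-PU-2024-16506/definitions.json carry `"Public": "20231207"`, roughly ten months before the `20241015` date on the four CVEs in the same advisory and earlier than the 2024 series their identifiers belong to. That looks like a default or an import error from the source feed rather than a real disclosure date. It is worth confirming against the BDU records before publishing, because tooling that derives exposure windows or patch-age metrics from `Public` will report these as more than a year old. Both entries also share `"CWE": "CWE-404"` although one is described as a denial of service and the other as unauthorized read, modify or delete access, which may come from the same fallback.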
@@ -0,0 +1,76 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:2001", + "Version": "1", + "Comment": "Evaluate `/etc/os-release` file content", + "Path": { + "Datatype": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RPMInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:202416506001", + "Version": "1", + "Comment": "java-17-openjdk is installed", + "Name": "java-17-openjdk" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506002", + "Version": "1", + "Comment": "java-17-openjdk-demo is installed", + "Name": "java-17-openjdk-demo" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506003", + "Version": "1", + "Comment": "java-17-openjdk-devel is installed", + "Name": "java-17-openjdk-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506004", + "Version": "1", + "Comment": "java-17-openjdk-headless is installed", + "Name": "java-17-openjdk-headless" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506005", + "Version": "1", + "Comment": "java-17-openjdk-javadoc is installed", + "Name": "java-17-openjdk-javadoc" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506006", + "Version": "1", + "Comment": "java-17-openjdk-javadoc-zip is installed", + "Name": "java-17-openjdk-javadoc-zip" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506007", + "Version": "1", + "Comment": "java-17-openjdk-jmods is installed", + "Name": "java-17-openjdk-jmods" + }, + { + "ID": "oval:org.altlinux.errata:obj:202416506008", + "Version": "1", + "Comment": "java-17-openjdk-src is installed", + "Name": "java-17-openjdk-src" + } + ] +} \ No newline at end of file 
diff --git a/oval/p10/ALT-PU-2024-16506/states.json b/oval/p10/ALT-PU-2024-16506/states.json new file mode 100644 index 0000000000..4985869da8 --- /dev/null +++ b/oval/p10/ALT-PU-2024-16506/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:2001", + "Version": "1", + "Text": {} + } + ], + "RPMInfoStates": [ + { + "ID": "oval:org.altlinux.errata:ste:202416506001", + "Version": "1", + "Comment": "package EVR is earlier than 0:17.0.13.0.11-alt1", + "Arch": {}, + "EVR": { + "Text": "0:17.0.13.0.11-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-16506/tests.json b/oval/p10/ALT-PU-2024-16506/tests.json new file mode 100644 index 0000000000..bb8060f7f5 --- /dev/null +++ b/oval/p10/ALT-PU-2024-16506/tests.json 
@@ -0,0 +1,114 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:2001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'p10' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:2001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:2001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:202416506001", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506002", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-demo is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506003", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-devel is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506004", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-headless is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506005", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-javadoc is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506005" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + 
"ID": "oval:org.altlinux.errata:tst:202416506006", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-javadoc-zip is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506006" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506007", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-jmods is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506007" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:202416506008", + "Version": "1", + "Check": "all", + "Comment": "java-17-openjdk-src is earlier than 0:17.0.13.0.11-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:202416506008" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:202416506001" + } + } + ] +} \ No newline at end of file