pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ALT Vulnerability

Browse Source
This commit is contained in:
Иван Пепеляев 2024-09-19 03:04:37 +00:00
parent d645802a49
commit dc0e536382
36 changed files with 3619 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
oval/c10f1/ALT-PU-2024-11773/definitions.json Normal file
View File

@ -0,0 +1,104 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202411773",
"Version": "oval:org.altlinux.errata:def:202411773",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-11773: package `openstack-cinder` update to version 22.1.1-alt1.p10",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-11773",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-11773",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-00689",
"RefURL": "https://bdu.fstec.ru/vul/2023-00689",
"Source": "BDU"
},
{
"RefID": "CVE-2022-47951",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Source": "CVE"
}
],
"Description": "This update upgrades openstack-cinder to version 22.1.1-alt1.p10. \nSecurity Fix(es):\n\n * BDU:2023-00689: Уязвимость сервиса блочного хранения данных Openstack Cinder, связанная с использованием файлов и каталогов, доступных внешним сторонам, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2022-47951: An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-08-28"
},
"Updated": {
"Date": "2024-08-28"
},
"BDUs": [
{
"ID": "BDU:2023-00689",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:P/A:P",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"CWE": "CWE-552",
"Href": "https://bdu.fstec.ru/vul/2023-00689",
"Impact": "High",
"Public": "20230124"
}
],
"CVEs": [
{
"ID": "CVE-2022-47951",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Impact": "Low",
"Public": "20230126"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202411773001",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.p10"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202411773002",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.p10"
}
]
}
]
}
}
]
}

40
oval/c10f1/ALT-PU-2024-11773/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202411773001",
"Version": "1",
"Comment": "openstack-cinder is installed",
"Name": "openstack-cinder"
},
{
"ID": "oval:org.altlinux.errata:obj:202411773002",
"Version": "1",
"Comment": "python3-module-cinder is installed",
"Name": "python3-module-cinder"
}
]
}

23
oval/c10f1/ALT-PU-2024-11773/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202411773001",
"Version": "1",
"Comment": "package EVR is earlier than 1:22.1.1-alt1.p10",
"Arch": {},
"EVR": {
"Text": "1:22.1.1-alt1.p10",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c10f1/ALT-PU-2024-11773/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202411773001",
"Version": "1",
"Check": "all",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411773001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411773001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202411773002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.p10",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202411773002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202411773001"
}
}
]
}

542
oval/c10f1/ALT-PU-2024-12053/definitions.json Normal file
View File

File diff suppressed because one or more lines are too long

88
oval/c10f1/ALT-PU-2024-12053/objects.json Normal file
View File

@ -0,0 +1,88 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412053001",
"Version": "1",
"Comment": "kernel-doc-un is installed",
"Name": "kernel-doc-un"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053002",
"Version": "1",
"Comment": "kernel-headers-modules-un-def is installed",
"Name": "kernel-headers-modules-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053003",
"Version": "1",
"Comment": "kernel-headers-un-def is installed",
"Name": "kernel-headers-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053004",
"Version": "1",
"Comment": "kernel-image-domU-un-def is installed",
"Name": "kernel-image-domU-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053005",
"Version": "1",
"Comment": "kernel-image-un-def is installed",
"Name": "kernel-image-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053006",
"Version": "1",
"Comment": "kernel-image-un-def-checkinstall is installed",
"Name": "kernel-image-un-def-checkinstall"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053007",
"Version": "1",
"Comment": "kernel-modules-drm-ancient-un-def is installed",
"Name": "kernel-modules-drm-ancient-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053008",
"Version": "1",
"Comment": "kernel-modules-drm-nouveau-un-def is installed",
"Name": "kernel-modules-drm-nouveau-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053009",
"Version": "1",
"Comment": "kernel-modules-drm-un-def is installed",
"Name": "kernel-modules-drm-un-def"
},
{
"ID": "oval:org.altlinux.errata:obj:202412053010",
"Version": "1",
"Comment": "kernel-modules-staging-un-def is installed",
"Name": "kernel-modules-staging-un-def"
}
]
}

23
oval/c10f1/ALT-PU-2024-12053/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412053001",
"Version": "1",
"Comment": "package EVR is earlier than 1:6.1.107-alt0.c10f.1",
"Arch": {},
"EVR": {
"Text": "1:6.1.107-alt0.c10f.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

138
oval/c10f1/ALT-PU-2024-12053/tests.json Normal file
View File

@ -0,0 +1,138 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412053001",
"Version": "1",
"Check": "all",
"Comment": "kernel-doc-un is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053002",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053003",
"Version": "1",
"Check": "all",
"Comment": "kernel-headers-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053004",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-domU-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053005",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053006",
"Version": "1",
"Check": "all",
"Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053006"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053007",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053007"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053008",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053008"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053009",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053009"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412053010",
"Version": "1",
"Check": "all",
"Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.107-alt0.c10f.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412053010"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412053001"
}
}
]
}

102
oval/c10f1/ALT-PU-2024-12456/definitions.json Normal file
View File

@ -0,0 +1,102 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412456",
"Version": "oval:org.altlinux.errata:def:202412456",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12456: package `gst-plugins-bad1.0` update to version 1.20.7-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12456",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12456",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-08257",
"RefURL": "https://bdu.fstec.ru/vul/2023-08257",
"Source": "BDU"
},
{
"RefID": "CVE-2023-44446",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Source": "CVE"
}
],
"Description": "This update upgrades gst-plugins-bad1.0 to version 1.20.7-alt1. \nSecurity Fix(es):\n\n * BDU:2023-08257: Уязвимость парсера MXF-файлов мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-44446: GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-11"
},
"Updated": {
"Date": "2024-09-11"
},
"BDUs": [
{
"ID": "BDU:2023-08257",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-08257",
"Impact": "High",
"Public": "20231019"
}
],
"CVEs": [
{
"ID": "CVE-2023-44446",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Impact": "None",
"Public": "20240503"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412456001",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412456002",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt1"
}
]
}
]
}
}
]
}

40
oval/c10f1/ALT-PU-2024-12456/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412456001",
"Version": "1",
"Comment": "gst-plugins-bad1.0 is installed",
"Name": "gst-plugins-bad1.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202412456002",
"Version": "1",
"Comment": "gst-plugins-bad1.0-devel is installed",
"Name": "gst-plugins-bad1.0-devel"
}
]
}

23
oval/c10f1/ALT-PU-2024-12456/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412456001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.7-alt1",
"Arch": {},
"EVR": {
"Text": "0:1.20.7-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c10f1/ALT-PU-2024-12456/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412456001",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412456001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412456001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412456002",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412456002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412456001"
}
}
]
}

104
oval/c10f1/ALT-PU-2024-12521/definitions.json Normal file
View File

@ -0,0 +1,104 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412521",
"Version": "oval:org.altlinux.errata:def:202412521",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12521: package `openstack-cinder` update to version 22.1.1-alt1.c10f1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12521",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12521",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-00689",
"RefURL": "https://bdu.fstec.ru/vul/2023-00689",
"Source": "BDU"
},
{
"RefID": "CVE-2022-47951",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Source": "CVE"
}
],
"Description": "This update upgrades openstack-cinder to version 22.1.1-alt1.c10f1. \nSecurity Fix(es):\n\n * BDU:2023-00689: Уязвимость сервиса блочного хранения данных Openstack Cinder, связанная с использованием файлов и каталогов, доступных внешним сторонам, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2022-47951: An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-18"
},
"Updated": {
"Date": "2024-09-18"
},
"BDUs": [
{
"ID": "BDU:2023-00689",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:P/A:P",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"CWE": "CWE-552",
"Href": "https://bdu.fstec.ru/vul/2023-00689",
"Impact": "High",
"Public": "20230124"
}
],
"CVEs": [
{
"ID": "CVE-2022-47951",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"CWE": "CWE-22",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-47951",
"Impact": "Low",
"Public": "20230126"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412521001",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.c10f1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412521002",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.c10f1"
}
]
}
]
}
}
]
}

40
oval/c10f1/ALT-PU-2024-12521/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412521001",
"Version": "1",
"Comment": "openstack-cinder is installed",
"Name": "openstack-cinder"
},
{
"ID": "oval:org.altlinux.errata:obj:202412521002",
"Version": "1",
"Comment": "python3-module-cinder is installed",
"Name": "python3-module-cinder"
}
]
}

23
oval/c10f1/ALT-PU-2024-12521/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412521001",
"Version": "1",
"Comment": "package EVR is earlier than 1:22.1.1-alt1.c10f1",
"Arch": {},
"EVR": {
"Text": "1:22.1.1-alt1.c10f1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c10f1/ALT-PU-2024-12521/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412521001",
"Version": "1",
"Check": "all",
"Comment": "openstack-cinder is earlier than 1:22.1.1-alt1.c10f1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412521001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412521001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412521002",
"Version": "1",
"Check": "all",
"Comment": "python3-module-cinder is earlier than 1:22.1.1-alt1.c10f1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412521002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412521001"
}
}
]
}

102
oval/c10f1/ALT-PU-2024-12861/definitions.json Normal file
View File

@ -0,0 +1,102 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412861",
"Version": "oval:org.altlinux.errata:def:202412861",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12861: package `gst-plugins-bad1.0` update to version 1.20.7-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12861",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12861",
"Source": "ALTPU"
},
{
"RefID": "BDU:2023-08257",
"RefURL": "https://bdu.fstec.ru/vul/2023-08257",
"Source": "BDU"
},
{
"RefID": "CVE-2023-44446",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Source": "CVE"
}
],
"Description": "This update upgrades gst-plugins-bad1.0 to version 1.20.7-alt2. \nSecurity Fix(es):\n\n * BDU:2023-08257: Уязвимость парсера MXF-файлов мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код\n\n * CVE-2023-44446: GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.\n\nThe specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-18"
},
"Updated": {
"Date": "2024-09-18"
},
"BDUs": [
{
"ID": "BDU:2023-08257",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-119, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-08257",
"Impact": "High",
"Public": "20231019"
}
],
"CVEs": [
{
"ID": "CVE-2023-44446",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-44446",
"Impact": "None",
"Public": "20240503"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412861001",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412861002",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt2"
}
]
}
]
}
}
]
}

40
oval/c10f1/ALT-PU-2024-12861/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:4001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412861001",
"Version": "1",
"Comment": "gst-plugins-bad1.0 is installed",
"Name": "gst-plugins-bad1.0"
},
{
"ID": "oval:org.altlinux.errata:obj:202412861002",
"Version": "1",
"Comment": "gst-plugins-bad1.0-devel is installed",
"Name": "gst-plugins-bad1.0-devel"
}
]
}

23
oval/c10f1/ALT-PU-2024-12861/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:4001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412861001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.20.7-alt2",
"Arch": {},
"EVR": {
"Text": "0:1.20.7-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/c10f1/ALT-PU-2024-12861/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:4001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c10f1' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:4001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:4001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412861001",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0 is earlier than 0:1.20.7-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412861001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412861001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412861002",
"Version": "1",
"Check": "all",
"Comment": "gst-plugins-bad1.0-devel is earlier than 0:1.20.7-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412861002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412861001"
}
}
]
}

139
oval/c9f2/ALT-PU-2024-12804/definitions.json Normal file
View File

@ -0,0 +1,139 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412804",
"Version": "oval:org.altlinux.errata:def:202412804",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12804: package `zoneminder` update to version 1.36.34-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12804",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12804",
"Source": "ALTPU"
},
{
"RefID": "CVE-2023-41884",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-41884",
"Source": "CVE"
},
{
"RefID": "CVE-2024-43358",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-43358",
"Source": "CVE"
},
{
"RefID": "CVE-2024-43359",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-43359",
"Source": "CVE"
},
{
"RefID": "CVE-2024-43360",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-43360",
"Source": "CVE"
}
],
"Description": "This update upgrades zoneminder to version 1.36.34-alt2. \nSecurity Fix(es):\n\n * CVE-2023-41884: ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34.\n\n * CVE-2024-43358: ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.\n\n * CVE-2024-43359: ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61.\n\n * CVE-2024-43360: ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61.\n\n * #46708: zoneminder не конвертирует видео в формат 3gp",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-18"
},
"Updated": {
"Date": "2024-09-18"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2023-41884",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-89",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-41884",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "CVE-2024-43358",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-43358",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "CVE-2024-43359",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"CWE": "CWE-79",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-43359",
"Impact": "Low",
"Public": "20240812"
},
{
"ID": "CVE-2024-43360",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-89",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-43360",
"Impact": "Critical",
"Public": "20240812"
}
],
"Bugzilla": [
{
"ID": "46708",
"Href": "https://bugzilla.altlinux.org/46708",
"Data": "zoneminder не конвертирует видео в формат 3gp"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412804001",
"Comment": "zoneminder is earlier than 0:1.36.34-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412804002",
"Comment": "zoneminder-api is earlier than 0:1.36.34-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412804003",
"Comment": "zoneminder-nginx is earlier than 0:1.36.34-alt2"
}
]
}
]
}
}
]
}

46
oval/c9f2/ALT-PU-2024-12804/objects.json Normal file
View File

@ -0,0 +1,46 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:3001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d\\.\\d)"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412804001",
"Version": "1",
"Comment": "zoneminder is installed",
"Name": "zoneminder"
},
{
"ID": "oval:org.altlinux.errata:obj:202412804002",
"Version": "1",
"Comment": "zoneminder-api is installed",
"Name": "zoneminder-api"
},
{
"ID": "oval:org.altlinux.errata:obj:202412804003",
"Version": "1",
"Comment": "zoneminder-nginx is installed",
"Name": "zoneminder-nginx"
}
]
}

23
oval/c9f2/ALT-PU-2024-12804/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:3001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412804001",
"Version": "1",
"Comment": "package EVR is earlier than 0:1.36.34-alt2",
"Arch": {},
"EVR": {
"Text": "0:1.36.34-alt2",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

54
oval/c9f2/ALT-PU-2024-12804/tests.json Normal file
View File

@ -0,0 +1,54 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:3001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'c9f2' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:3001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:3001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412804001",
"Version": "1",
"Check": "all",
"Comment": "zoneminder is earlier than 0:1.36.34-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412804001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412804001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412804002",
"Version": "1",
"Check": "all",
"Comment": "zoneminder-api is earlier than 0:1.36.34-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412804002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412804001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412804003",
"Version": "1",
"Check": "all",
"Comment": "zoneminder-nginx is earlier than 0:1.36.34-alt2",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412804003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412804001"
}
}
]
}

110
oval/p10/ALT-PU-2024-12051/definitions.json Normal file
View File

@ -0,0 +1,110 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412051",
"Version": "oval:org.altlinux.errata:def:202412051",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12051: package `tzdata` update to version 2024a-alt0.p10.1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12051",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12051",
"Source": "ALTPU"
}
],
"Description": "This update upgrades tzdata to version 2024a-alt0.p10.1. \nSecurity Fix(es):\n\n * #46949: /usr/share/zoneinfo/tzdata.zi\n\n * #49855: tzdata: -\u003e 2024a",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-18"
},
"Updated": {
"Date": "2024-09-18"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "46949",
"Href": "https://bugzilla.altlinux.org/46949",
"Data": "/usr/share/zoneinfo/tzdata.zi"
},
{
"ID": "49855",
"Href": "https://bugzilla.altlinux.org/49855",
"Data": "tzdata: -\u003e 2024a"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412051001",
"Comment": "tzdata is earlier than 0:2024a-alt0.p10.1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412051002",
"Comment": "tzdata-source is earlier than 0:2024a-alt0.p10.1"
}
]
}
]
}
}
]
}

40
oval/p10/ALT-PU-2024-12051/objects.json Normal file
View File

@ -0,0 +1,40 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412051001",
"Version": "1",
"Comment": "tzdata is installed",
"Name": "tzdata"
},
{
"ID": "oval:org.altlinux.errata:obj:202412051002",
"Version": "1",
"Comment": "tzdata-source is installed",
"Name": "tzdata-source"
}
]
}

23
oval/p10/ALT-PU-2024-12051/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412051001",
"Version": "1",
"Comment": "package EVR is earlier than 0:2024a-alt0.p10.1",
"Arch": {},
"EVR": {
"Text": "0:2024a-alt0.p10.1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

42
oval/p10/ALT-PU-2024-12051/tests.json Normal file
View File

@ -0,0 +1,42 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412051001",
"Version": "1",
"Check": "all",
"Comment": "tzdata is earlier than 0:2024a-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412051001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412051001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412051002",
"Version": "1",
"Check": "all",
"Comment": "tzdata-source is earlier than 0:2024a-alt0.p10.1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412051002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412051001"
}
}
]
}

1172
oval/p10/ALT-PU-2024-12462/definitions.json Normal file
View File

File diff suppressed because one or more lines are too long

58
oval/p10/ALT-PU-2024-12462/objects.json Normal file
View File

@ -0,0 +1,58 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412462001",
"Version": "1",
"Comment": "MySQL-client is installed",
"Name": "MySQL-client"
},
{
"ID": "oval:org.altlinux.errata:obj:202412462002",
"Version": "1",
"Comment": "MySQL-server is installed",
"Name": "MySQL-server"
},
{
"ID": "oval:org.altlinux.errata:obj:202412462003",
"Version": "1",
"Comment": "MySQL-server-perl is installed",
"Name": "MySQL-server-perl"
},
{
"ID": "oval:org.altlinux.errata:obj:202412462004",
"Version": "1",
"Comment": "libmysqlclient21 is installed",
"Name": "libmysqlclient21"
},
{
"ID": "oval:org.altlinux.errata:obj:202412462005",
"Version": "1",
"Comment": "libmysqlclient21-devel is installed",
"Name": "libmysqlclient21-devel"
}
]
}

23
oval/p10/ALT-PU-2024-12462/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412462001",
"Version": "1",
"Comment": "package EVR is earlier than 0:8.0.39-alt1",
"Arch": {},
"EVR": {
"Text": "0:8.0.39-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

78
oval/p10/ALT-PU-2024-12462/tests.json Normal file
View File

@ -0,0 +1,78 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412462001",
"Version": "1",
"Check": "all",
"Comment": "MySQL-client is earlier than 0:8.0.39-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412462001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412462001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412462002",
"Version": "1",
"Check": "all",
"Comment": "MySQL-server is earlier than 0:8.0.39-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412462002"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412462001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412462003",
"Version": "1",
"Check": "all",
"Comment": "MySQL-server-perl is earlier than 0:8.0.39-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412462003"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412462001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412462004",
"Version": "1",
"Check": "all",
"Comment": "libmysqlclient21 is earlier than 0:8.0.39-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412462004"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412462001"
}
},
{
"ID": "oval:org.altlinux.errata:tst:202412462005",
"Version": "1",
"Check": "all",
"Comment": "libmysqlclient21-devel is earlier than 0:8.0.39-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412462005"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412462001"
}
}
]
}

101
oval/p10/ALT-PU-2024-12951/definitions.json Normal file
View File

@ -0,0 +1,101 @@
{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412951",
"Version": "oval:org.altlinux.errata:def:202412951",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12951: package `make-initrd-propagator` update to version 0.51-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12951",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12951",
"Source": "ALTPU"
}
],
"Description": "This update upgrades make-initrd-propagator to version 0.51-alt1. \nSecurity Fix(es):\n\n * #51479: После загрузки live в режиме rw пропадает флаг boot с PMBR",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-18"
},
"Updated": {
"Date": "2024-09-18"
},
"BDUs": null,
"Bugzilla": [
{
"ID": "51479",
"Href": "https://bugzilla.altlinux.org/51479",
"Data": "После загрузки live в режиме rw пропадает флаг boot с PMBR"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412951001",
"Comment": "make-initrd-propagator is earlier than 0:0.51-alt1"
}
]
}
]
}
}
]
}

34
oval/p10/ALT-PU-2024-12951/objects.json Normal file
View File

@ -0,0 +1,34 @@
{
"TextFileContent54Objects": [
{
"ID": "oval:org.altlinux.errata:obj:2001",
"Version": "1",
"Comment": "Evaluate `/etc/os-release` file content",
"Path": {
"Datatype": "string",
"Text": "/etc"
},
"Filepath": {
"Datatype": "string",
"Text": "os-release"
},
"Pattern": {
"Datatype": "string",
"Operation": "pattern match",
"Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
},
"Instance": {
"Datatype": "int",
"Text": "1"
}
}
],
"RPMInfoObjects": [
{
"ID": "oval:org.altlinux.errata:obj:202412951001",
"Version": "1",
"Comment": "make-initrd-propagator is installed",
"Name": "make-initrd-propagator"
}
]
}

23
oval/p10/ALT-PU-2024-12951/states.json Normal file
View File

@ -0,0 +1,23 @@
{
"TextFileContent54State": [
{
"ID": "oval:org.altlinux.errata:ste:2001",
"Version": "1",
"Text": {}
}
],
"RPMInfoStates": [
{
"ID": "oval:org.altlinux.errata:ste:202412951001",
"Version": "1",
"Comment": "package EVR is earlier than 0:0.51-alt1",
"Arch": {},
"EVR": {
"Text": "0:0.51-alt1",
"Datatype": "evr_string",
"Operation": "less than"
},
"Subexpression": {}
}
]
}

30
oval/p10/ALT-PU-2024-12951/tests.json Normal file
View File

@ -0,0 +1,30 @@
{
"TextFileContent54Tests": [
{
"ID": "oval:org.altlinux.errata:tst:2001",
"Version": "1",
"Check": "all",
"Comment": "ALT Linux based on branch 'p10' must be installed",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:2001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:2001"
}
}
],
"RPMInfoTests": [
{
"ID": "oval:org.altlinux.errata:tst:202412951001",
"Version": "1",
"Check": "all",
"Comment": "make-initrd-propagator is earlier than 0:0.51-alt1",
"Object": {
"ObjectRef": "oval:org.altlinux.errata:obj:202412951001"
},
"State": {
"StateRef": "oval:org.altlinux.errata:ste:202412951001"
}
}
]
}