diff --git a/oval/c9f2/ALT-PU-2024-1384/definitions.json b/oval/c9f2/ALT-PU-2024-1384/definitions.json index 9f2eb53a29..bf6e6c7617 100644 --- a/oval/c9f2/ALT-PU-2024-1384/definitions.json +++ b/oval/c9f2/ALT-PU-2024-1384/definitions.json @@ -33,7 +33,7 @@ "Description": "This update upgrades freeipa to version 4.8.9-alt4.c9f2.5. \nSecurity Fix(es):\n\n * CVE-2023-5455: A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.", "Advisory": { "From": "errata.altlinux.org", - "Severity": "High", + "Severity": "Low", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2024-02-06" @@ -44,10 +44,10 @@ "bdu": null, "Cves": [ { - "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", + "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "Cwe": "CWE-352", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-5455", - "Impact": "High", + "Impact": "Low", "Public": "20240110", "CveID": "CVE-2023-5455" } diff --git a/oval/c9f2/ALT-PU-2024-2455/definitions.json b/oval/c9f2/ALT-PU-2024-2455/definitions.json index 0614285697..79cd1dd4cf 100644 --- a/oval/c9f2/ALT-PU-2024-2455/definitions.json +++ b/oval/c9f2/ALT-PU-2024-2455/definitions.json @@ -64,8 +64,10 @@ ], "Cves": [ { + "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "Cwe": "CWE-770", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-50387", - "Impact": "None", + "Impact": "High", "Public": "20240214", "CveID": "CVE-2023-50387" }, diff --git a/oval/p10/ALT-PU-2024-1253/definitions.json b/oval/p10/ALT-PU-2024-1253/definitions.json index 1cca4aaf3a..710d8f1883 100644 --- a/oval/p10/ALT-PU-2024-1253/definitions.json +++ b/oval/p10/ALT-PU-2024-1253/definitions.json @@ -38,7 +38,7 @@ "Description": "This update upgrades freeipa to version 4.9.14-alt0.p10.1. \nSecurity Fix(es):\n\n * CVE-2023-5455: A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing already logged-in user. An attacker would always have to go through a new authentication attempt.", "Advisory": { "From": "errata.altlinux.org", - "Severity": "High", + "Severity": "Low", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2024-01-26" @@ -49,10 +49,10 @@ "bdu": null, "Cves": [ { - "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", + "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "Cwe": "CWE-352", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-5455", - "Impact": "High", + "Impact": "Low", "Public": "20240110", "CveID": "CVE-2023-5455" } diff --git a/oval/p10/ALT-PU-2024-2453/definitions.json b/oval/p10/ALT-PU-2024-2453/definitions.json index c78fc0665c..86572cb786 100644 --- a/oval/p10/ALT-PU-2024-2453/definitions.json +++ b/oval/p10/ALT-PU-2024-2453/definitions.json @@ -43,7 +43,7 @@ "Description": "This update upgrades unbound to version 1.19.1-alt1. \nSecurity Fix(es):\n\n * CVE-2023-50387: Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.\n\n * CVE-2023-50868: The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.\n\n * #49432: Просьба обновить до версии 1.19.1.", "Advisory": { "From": "errata.altlinux.org", - "Severity": "Low", + "Severity": "High", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2024-02-19" @@ -54,8 +54,10 @@ "bdu": null, "Cves": [ { + "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "Cwe": "CWE-770", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-50387", - "Impact": "None", + "Impact": "High", "Public": "20240214", "CveID": "CVE-2023-50387" }, diff --git a/oval/p10/ALT-PU-2024-2475/definitions.json b/oval/p10/ALT-PU-2024-2475/definitions.json new file mode 100644 index 0000000000..b555da0443 --- /dev/null +++ b/oval/p10/ALT-PU-2024-2475/definitions.json @@ -0,0 +1,137 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:20242475", + "Version": "oval:org.altlinux.errata:def:20242475", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-2475: package `kernel-image-un-def` update to version 6.1.78-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p10" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-2475", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-2475", + "Source": "ALTPU" + } + ], + "Description": "This update upgrades kernel-image-un-def to version 6.1.78-alt1. \nSecurity Fix(es):\n\n * #49296: Отсутствуют профили работы CPU", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "Low", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-02-21" + }, + "Updated": { + "Date": "2024-02-21" + }, + "bdu": null, + "Bugzilla": [ + { + "Id": "49296", + "Href": "https://bugzilla.altlinux.org/49296", + "Data": "Отсутствуют профили работы CPU" + } + ], + "AffectedCpeList": { + "Cpe": [ + "cpe:/o:alt:kworkstation:10", + "cpe:/o:alt:workstation:10", + "cpe:/o:alt:server:10", + "cpe:/o:alt:server-v:10", + "cpe:/o:alt:education:10", + "cpe:/o:alt:slinux:10", + "cpe:/o:alt:starterkit:p10", + "cpe:/o:alt:kworkstation:10.1", + "cpe:/o:alt:workstation:10.1", + "cpe:/o:alt:server:10.1", + "cpe:/o:alt:server-v:10.1", + "cpe:/o:alt:education:10.1", + "cpe:/o:alt:slinux:10.1", + "cpe:/o:alt:starterkit:10.1", + "cpe:/o:alt:kworkstation:10.2", + "cpe:/o:alt:workstation:10.2", + "cpe:/o:alt:server:10.2", + "cpe:/o:alt:server-v:10.2", + "cpe:/o:alt:education:10.2", + "cpe:/o:alt:slinux:10.2", + "cpe:/o:alt:starterkit:10.2" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:2001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:20242475001", + "Comment": "kernel-doc-un is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475002", + "Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475003", + "Comment": "kernel-headers-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475004", + "Comment": "kernel-image-domU-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475005", + "Comment": "kernel-image-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475006", + "Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475007", + "Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475008", + "Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475009", + "Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.78-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242475010", + "Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.78-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-2475/objects.json b/oval/p10/ALT-PU-2024-2475/objects.json new file mode 100644 index 0000000000..d9ce46cba2 --- /dev/null +++ b/oval/p10/ALT-PU-2024-2475/objects.json @@ -0,0 +1,88 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:2001", + "Version": "1", + "comment": "Evaluate `/etc/os-release` file content", + "Path": { + "dataType": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RpmInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:20242475001", + "Version": "1", + "comment": "kernel-doc-un is installed", + "Name": "kernel-doc-un" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475002", + "Version": "1", + "comment": "kernel-headers-modules-un-def is installed", + "Name": "kernel-headers-modules-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475003", + "Version": "1", + "comment": "kernel-headers-un-def is installed", + "Name": "kernel-headers-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475004", + "Version": "1", + "comment": "kernel-image-domU-un-def is installed", + "Name": "kernel-image-domU-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475005", + "Version": "1", + "comment": "kernel-image-un-def is installed", + "Name": "kernel-image-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475006", + "Version": "1", + "comment": "kernel-image-un-def-checkinstall is installed", + "Name": "kernel-image-un-def-checkinstall" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475007", + "Version": "1", + "comment": "kernel-modules-drm-ancient-un-def is installed", + "Name": "kernel-modules-drm-ancient-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475008", + "Version": "1", + "comment": "kernel-modules-drm-nouveau-un-def is installed", + "Name": "kernel-modules-drm-nouveau-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475009", + "Version": "1", + "comment": "kernel-modules-drm-un-def is installed", + "Name": "kernel-modules-drm-un-def" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242475010", + "Version": "1", + "comment": "kernel-modules-staging-un-def is installed", + "Name": "kernel-modules-staging-un-def" + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-2475/states.json b/oval/p10/ALT-PU-2024-2475/states.json new file mode 100644 index 0000000000..f48472efad --- /dev/null +++ b/oval/p10/ALT-PU-2024-2475/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:2001", + "Version": "1", + "Text": {} + } + ], + "RpmInfoState": [ + { + "ID": "oval:org.altlinux.errata:ste:20242475001", + "Version": "1", + "Comment": "package EVR is earlier than 1:6.1.78-alt1", + "Arch": {}, + "Evr": { + "Text": "1:6.1.78-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/p10/ALT-PU-2024-2475/tests.json b/oval/p10/ALT-PU-2024-2475/tests.json new file mode 100644 index 0000000000..f6c1715f24 --- /dev/null +++ b/oval/p10/ALT-PU-2024-2475/tests.json @@ -0,0 +1,138 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:2001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'p10' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:2001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:2001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:20242475001", + "Version": "1", + "Check": "all", + "Comment": "kernel-doc-un is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475002", + "Version": "1", + "Check": "all", + "Comment": "kernel-headers-modules-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475003", + "Version": "1", + "Check": "all", + "Comment": "kernel-headers-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475004", + "Version": "1", + "Check": "all", + "Comment": "kernel-image-domU-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475005", + "Version": "1", + "Check": "all", + "Comment": "kernel-image-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475005" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475006", + "Version": "1", + "Check": "all", + "Comment": "kernel-image-un-def-checkinstall is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475006" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475007", + "Version": "1", + "Check": "all", + "Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475007" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475008", + "Version": "1", + "Check": "all", + "Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475008" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475009", + "Version": "1", + "Check": "all", + "Comment": "kernel-modules-drm-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475009" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242475010", + "Version": "1", + "Check": "all", + "Comment": "kernel-modules-staging-un-def is earlier than 1:6.1.78-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242475010" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242475001" + } + } + ] +} \ No newline at end of file diff --git a/oval/p9/ALT-PU-2024-2605/definitions.json b/oval/p9/ALT-PU-2024-2605/definitions.json new file mode 100644 index 0000000000..b03d405a99 --- /dev/null +++ b/oval/p9/ALT-PU-2024-2605/definitions.json @@ -0,0 +1,154 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:20242605", + "Version": "oval:org.altlinux.errata:def:20242605", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-2605: package `unbound` update to version 1.19.1-alt1", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p9" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-2605", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-2605", + "Source": "ALTPU" + }, + { + "RefID": "BDU:2024-01359", + "RefURL": "https://bdu.fstec.ru/vul/2024-01359", + "Source": "BDU" + }, + { + "RefID": "CVE-2023-50387", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-50387", + "Source": "CVE" + }, + { + "RefID": "CVE-2023-50868", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-50868", + "Source": "CVE" + } + ], + "Description": "This update upgrades unbound to version 1.19.1-alt1. \nSecurity Fix(es):\n\n * BDU:2024-01359: Уязвимость компонента DNSSEC реализации протокола DNS сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-50387: Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.\n\n * CVE-2023-50868: The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.\n\n * #49432: Просьба обновить до версии 1.19.1.", + "Advisory": { + "From": "errata.altlinux.org", + "Severity": "High", + "Rights": "Copyright 2024 BaseALT Ltd.", + "Issued": { + "Date": "2024-02-21" + }, + "Updated": { + "Date": "2024-02-21" + }, + "bdu": [ + { + "Cvss": "AV:N/AC:L/Au:N/C:N/I:N/A:C", + "Cvss3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "Cwe": "CWE-400", + "Href": "https://bdu.fstec.ru/vul/2024-01359", + "Impact": "High", + "Public": "20240213", + "CveID": "BDU:2024-01359" + } + ], + "Cves": [ + { + "Cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "Cwe": "CWE-770", + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-50387", + "Impact": "High", + "Public": "20240214", + "CveID": "CVE-2023-50387" + }, + { + "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-50868", + "Impact": "None", + "Public": "20240214", + "CveID": "CVE-2023-50868" + } + ], + "Bugzilla": [ + { + "Id": "49432", + "Href": "https://bugzilla.altlinux.org/49432", + "Data": "Просьба обновить до версии 1.19.1." + } + ], + "AffectedCpeList": { + "Cpe": [ + "cpe:/o:alt:kworkstation:9", + "cpe:/o:alt:workstation:9", + "cpe:/o:alt:server:9", + "cpe:/o:alt:server-v:9", + "cpe:/o:alt:education:9", + "cpe:/o:alt:slinux:9", + "cpe:/o:alt:starterkit:p9", + "cpe:/o:alt:kworkstation:9.1", + "cpe:/o:alt:workstation:9.1", + "cpe:/o:alt:server:9.1", + "cpe:/o:alt:server-v:9.1", + "cpe:/o:alt:education:9.1", + "cpe:/o:alt:slinux:9.1", + "cpe:/o:alt:starterkit:9.1", + "cpe:/o:alt:kworkstation:9.2", + "cpe:/o:alt:workstation:9.2", + "cpe:/o:alt:server:9.2", + "cpe:/o:alt:server-v:9.2", + "cpe:/o:alt:education:9.2", + "cpe:/o:alt:slinux:9.2", + "cpe:/o:alt:starterkit:9.2" + ] + } + } + }, + "Criteria": { + "Operator": "AND", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:1001", + "Comment": "ALT Linux must be installed" + } + ], + "Criterias": [ + { + "Operator": "OR", + "Criterions": [ + { + "TestRef": "oval:org.altlinux.errata:tst:20242605001", + "Comment": "libunbound is earlier than 0:1.19.1-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242605002", + "Comment": "libunbound-devel is earlier than 0:1.19.1-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242605003", + "Comment": "unbound is earlier than 0:1.19.1-alt1" + }, + { + "TestRef": "oval:org.altlinux.errata:tst:20242605004", + "Comment": "unbound-control is earlier than 0:1.19.1-alt1" + } + ] + } + ] + } + } + ] +} \ No newline at end of file diff --git a/oval/p9/ALT-PU-2024-2605/objects.json b/oval/p9/ALT-PU-2024-2605/objects.json new file mode 100644 index 0000000000..1f073cd175 --- /dev/null +++ b/oval/p9/ALT-PU-2024-2605/objects.json @@ -0,0 +1,52 @@ +{ + "TextFileContent54Objects": [ + { + "ID": "oval:org.altlinux.errata:obj:1001", + "Version": "1", + "comment": "Evaluate `/etc/os-release` file content", + "Path": { + "dataType": "string", + "Text": "/etc" + }, + "Filepath": { + "Datatype": "string", + "Text": "os-release" + }, + "Pattern": { + "Datatype": "string", + "Operation": "pattern match", + "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*" + }, + "Instance": { + "Datatype": "int", + "Text": "1" + } + } + ], + "RpmInfoObjects": [ + { + "ID": "oval:org.altlinux.errata:obj:20242605001", + "Version": "1", + "comment": "libunbound is installed", + "Name": "libunbound" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242605002", + "Version": "1", + "comment": "libunbound-devel is installed", + "Name": "libunbound-devel" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242605003", + "Version": "1", + "comment": "unbound is installed", + "Name": "unbound" + }, + { + "ID": "oval:org.altlinux.errata:obj:20242605004", + "Version": "1", + "comment": "unbound-control is installed", + "Name": "unbound-control" + } + ] +} \ No newline at end of file diff --git a/oval/p9/ALT-PU-2024-2605/states.json b/oval/p9/ALT-PU-2024-2605/states.json new file mode 100644 index 0000000000..4c3e8fa835 --- /dev/null +++ b/oval/p9/ALT-PU-2024-2605/states.json @@ -0,0 +1,23 @@ +{ + "TextFileContent54State": [ + { + "ID": "oval:org.altlinux.errata:ste:1001", + "Version": "1", + "Text": {} + } + ], + "RpmInfoState": [ + { + "ID": "oval:org.altlinux.errata:ste:20242605001", + "Version": "1", + "Comment": "package EVR is earlier than 0:1.19.1-alt1", + "Arch": {}, + "Evr": { + "Text": "0:1.19.1-alt1", + "Datatype": "evr_string", + "Operation": "less than" + }, + "Subexpression": {} + } + ] +} \ No newline at end of file diff --git a/oval/p9/ALT-PU-2024-2605/tests.json b/oval/p9/ALT-PU-2024-2605/tests.json new file mode 100644 index 0000000000..a8c9758300 --- /dev/null +++ b/oval/p9/ALT-PU-2024-2605/tests.json @@ -0,0 +1,66 @@ +{ + "TextFileContent54Tests": [ + { + "ID": "oval:org.altlinux.errata:tst:1001", + "Version": "1", + "Check": "all", + "Comment": "ALT Linux based on branch 'p9' must be installed", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:1001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:1001" + } + } + ], + "RPMInfoTests": [ + { + "ID": "oval:org.altlinux.errata:tst:20242605001", + "Version": "1", + "Check": "all", + "Comment": "libunbound is earlier than 0:1.19.1-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242605001" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242605001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242605002", + "Version": "1", + "Check": "all", + "Comment": "libunbound-devel is earlier than 0:1.19.1-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242605002" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242605001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242605003", + "Version": "1", + "Check": "all", + "Comment": "unbound is earlier than 0:1.19.1-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242605003" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242605001" + } + }, + { + "ID": "oval:org.altlinux.errata:tst:20242605004", + "Version": "1", + "Check": "all", + "Comment": "unbound-control is earlier than 0:1.19.1-alt1", + "Object": { + "ObjectRef": "oval:org.altlinux.errata:obj:20242605004" + }, + "State": { + "StateRef": "oval:org.altlinux.errata:ste:20242605001" + } + } + ] +} \ No newline at end of file