vuln-list-alt/oval/p10/ALT-PU-2024-1311/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20241311",
      "Version": "oval:org.altlinux.errata:def:20241311",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2024-1311: package `samba` update to version 4.19.4-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch p10"
            ],
            "Products": [
              "ALT Server",
              "ALT Virtualization Server",
              "ALT Workstation",
              "ALT Workstation K",
              "ALT Education",
              "Simply Linux",
              "Starterkit"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2024-1311",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2024-1311",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2023-07419",
            "RefURL": "https://bdu.fstec.ru/vul/2023-07419",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2018-14628",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-14628",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2023-5568",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-5568",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades samba to version 4.19.4-alt1. \nSecurity Fix(es):\n\n * BDU:2023-07419: Уязвимость пакета программ сетевого взаимодействия Samba, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2018-14628: An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.\n\n * CVE-2023-5568: A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "Low",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2024-02-20"
          },
          "Updated": {
            "Date": "2024-02-20"
          },
          "BDUs": [
            {
              "ID": "BDU:2023-07419",
              "CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
              "CVSS3": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-122",
              "Href": "https://bdu.fstec.ru/vul/2023-07419",
              "Impact": "Low",
              "Public": "20231016"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2018-14628",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "CWE": "CWE-862",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-14628",
              "Impact": "Low",
              "Public": "20230117"
            },
            {
              "ID": "CVE-2023-5568",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "CWE": "CWE-787",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-5568",
              "Impact": "Low",
              "Public": "20231025"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:kworkstation:10",
              "cpe:/o:alt:workstation:10",
              "cpe:/o:alt:server:10",
              "cpe:/o:alt:server-v:10",
              "cpe:/o:alt:education:10",
              "cpe:/o:alt:slinux:10",
              "cpe:/o:alt:starterkit:p10",
              "cpe:/o:alt:kworkstation:10.1",
              "cpe:/o:alt:workstation:10.1",
              "cpe:/o:alt:server:10.1",
              "cpe:/o:alt:server-v:10.1",
              "cpe:/o:alt:education:10.1",
              "cpe:/o:alt:slinux:10.1",
              "cpe:/o:alt:starterkit:10.1",
              "cpe:/o:alt:kworkstation:10.2",
              "cpe:/o:alt:workstation:10.2",
              "cpe:/o:alt:server:10.2",
              "cpe:/o:alt:server-v:10.2",
              "cpe:/o:alt:education:10.2",
              "cpe:/o:alt:slinux:10.2",
              "cpe:/o:alt:starterkit:10.2"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:2001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311001",
                "Comment": "admx-samba is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311002",
                "Comment": "libldb-modules-ldap is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311003",
                "Comment": "libsmbclient is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311004",
                "Comment": "libsmbclient-devel is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311005",
                "Comment": "libwbclient is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311006",
                "Comment": "libwbclient-devel is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311007",
                "Comment": "python3-module-samba is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311008",
                "Comment": "python3-module-samba-devel is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311009",
                "Comment": "samba is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311010",
                "Comment": "samba-client is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311011",
                "Comment": "samba-common is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311012",
                "Comment": "samba-common-client is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311013",
                "Comment": "samba-common-libs is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311014",
                "Comment": "samba-common-tools is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311015",
                "Comment": "samba-ctdb is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311016",
                "Comment": "samba-ctdb-ceph-mutex is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311017",
                "Comment": "samba-ctdb-etcd-mutex is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311018",
                "Comment": "samba-dc is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311019",
                "Comment": "samba-dc-client is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311020",
                "Comment": "samba-dc-common is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311021",
                "Comment": "samba-dc-libs is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311022",
                "Comment": "samba-dc-mitkrb5 is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311023",
                "Comment": "samba-dcerpc is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311024",
                "Comment": "samba-devel is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311025",
                "Comment": "samba-doc is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311026",
                "Comment": "samba-gpupdate is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311027",
                "Comment": "samba-krb5-printing is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311028",
                "Comment": "samba-libs is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311029",
                "Comment": "samba-pidl is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311030",
                "Comment": "samba-test is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311031",
                "Comment": "samba-usershares is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311032",
                "Comment": "samba-util-private-headers is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311033",
                "Comment": "samba-vfs-cephfs is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311034",
                "Comment": "samba-vfs-glusterfs is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311035",
                "Comment": "samba-vfs-snapper is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311036",
                "Comment": "samba-winbind is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311037",
                "Comment": "samba-winbind-clients is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311038",
                "Comment": "samba-winbind-common is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311039",
                "Comment": "samba-winbind-krb5-localauth is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311040",
                "Comment": "samba-winbind-krb5-locator is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311041",
                "Comment": "task-samba-dc is earlier than 0:4.19.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20241311042",
                "Comment": "task-samba-dc-mitkrb5 is earlier than 0:4.19.4-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}