vuln-list-alt/oval/p10/ALT-PU-2019-2628/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20192628",
      "Version": "oval:org.altlinux.errata:def:20192628",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2019-2628: package `ghostscript` update to version 9.27.9-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch p10"
            ],
            "Products": [
              "ALT Server",
              "ALT Virtualization Server",
              "ALT Workstation",
              "ALT Workstation K",
              "ALT Education",
              "Simply Linux",
              "Starterkit"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2019-2628",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2019-2628",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2019-04749",
            "RefURL": "https://bdu.fstec.ru/vul/2019-04749",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2019-1481",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-1481",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades ghostscript to version 9.27.9-alt1. \nSecurity Fix(es):\n\n * BDU:2019-04749: Уязвимость компонента Windows Media Player операционной системы Windows, позволяющая нарушителю раскрыть защищаемую информацию\n\n * CVE-2019-1481: An information disclosure vulnerability exists in Windows Media Player when it fails to properly handle objects in memory, aka 'Windows Media Player Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1480.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "Low",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2019-09-04"
          },
          "Updated": {
            "Date": "2019-09-04"
          },
          "BDUs": [
            {
              "ID": "BDU:2019-04749",
              "CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
              "CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://bdu.fstec.ru/vul/2019-04749",
              "Impact": "Low",
              "Public": "20191210"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2019-1481",
              "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
              "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
              "CWE": "CWE-125",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-1481",
              "Impact": "Low",
              "Public": "20191210"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:kworkstation:10",
              "cpe:/o:alt:workstation:10",
              "cpe:/o:alt:server:10",
              "cpe:/o:alt:server-v:10",
              "cpe:/o:alt:education:10",
              "cpe:/o:alt:slinux:10",
              "cpe:/o:alt:starterkit:p10",
              "cpe:/o:alt:kworkstation:10.1",
              "cpe:/o:alt:workstation:10.1",
              "cpe:/o:alt:server:10.1",
              "cpe:/o:alt:server-v:10.1",
              "cpe:/o:alt:education:10.1",
              "cpe:/o:alt:slinux:10.1",
              "cpe:/o:alt:starterkit:10.1",
              "cpe:/o:alt:kworkstation:10.2",
              "cpe:/o:alt:workstation:10.2",
              "cpe:/o:alt:server:10.2",
              "cpe:/o:alt:server-v:10.2",
              "cpe:/o:alt:education:10.2",
              "cpe:/o:alt:slinux:10.2",
              "cpe:/o:alt:starterkit:10.2"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:2001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628001",
                "Comment": "ghostscript is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628002",
                "Comment": "ghostscript-classic is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628003",
                "Comment": "ghostscript-common is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628004",
                "Comment": "ghostscript-gtk is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628005",
                "Comment": "ghostscript-module-X is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628006",
                "Comment": "ghostscript-utils is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628007",
                "Comment": "libgs is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628008",
                "Comment": "libgs-devel is earlier than 0:9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628009",
                "Comment": "libijs is earlier than 0:0.35_9.27.9-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20192628010",
                "Comment": "libijs-devel is earlier than 0:9.27.9-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}