144 lines
5.2 KiB
JSON
144 lines
5.2 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20246639",
|
|
"Version": "oval:org.altlinux.errata:def:20246639",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2024-6639: package `qt5-connectivity` update to version 5.15.13-alt1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch p10"
|
|
],
|
|
"Products": [
|
|
"ALT Server",
|
|
"ALT Virtualization Server",
|
|
"ALT Workstation",
|
|
"ALT Workstation K",
|
|
"ALT Education",
|
|
"Simply Linux",
|
|
"Starterkit"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2024-6639",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-6639",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2023-02373",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2023-02373",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2023-24607",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-24607",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades qt5-connectivity to version 5.15.13-alt1. \nSecurity Fix(es):\n\n * BDU:2023-02373: Уязвимость плагина SQL ODBC кроссплатформенного фреймворка для разработки программного обеспечения Qt, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2023-24607: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before 6.4.3.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "High",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2024-04-27"
|
|
},
|
|
"Updated": {
|
|
"Date": "2024-04-27"
|
|
},
|
|
"BDUs": [
|
|
{
|
|
"ID": "BDU:2023-02373",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-20, CWE-404",
|
|
"Href": "https://bdu.fstec.ru/vul/2023-02373",
|
|
"Impact": "High",
|
|
"Public": "20230415"
|
|
}
|
|
],
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2023-24607",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-24607",
|
|
"Impact": "High",
|
|
"Public": "20230415"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:kworkstation:10",
|
|
"cpe:/o:alt:workstation:10",
|
|
"cpe:/o:alt:server:10",
|
|
"cpe:/o:alt:server-v:10",
|
|
"cpe:/o:alt:education:10",
|
|
"cpe:/o:alt:slinux:10",
|
|
"cpe:/o:alt:starterkit:p10",
|
|
"cpe:/o:alt:kworkstation:10.1",
|
|
"cpe:/o:alt:workstation:10.1",
|
|
"cpe:/o:alt:server:10.1",
|
|
"cpe:/o:alt:server-v:10.1",
|
|
"cpe:/o:alt:education:10.1",
|
|
"cpe:/o:alt:slinux:10.1",
|
|
"cpe:/o:alt:starterkit:10.1",
|
|
"cpe:/o:alt:kworkstation:10.2",
|
|
"cpe:/o:alt:workstation:10.2",
|
|
"cpe:/o:alt:server:10.2",
|
|
"cpe:/o:alt:server-v:10.2",
|
|
"cpe:/o:alt:education:10.2",
|
|
"cpe:/o:alt:slinux:10.2",
|
|
"cpe:/o:alt:starterkit:10.2"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:2001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639001",
|
|
"Comment": "libqt5-bluetooth is earlier than 0:5.15.13-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639002",
|
|
"Comment": "libqt5-nfc is earlier than 0:5.15.13-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639003",
|
|
"Comment": "qt5-connectivity is earlier than 0:5.15.13-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639004",
|
|
"Comment": "qt5-connectivity-common is earlier than 0:5.15.13-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639005",
|
|
"Comment": "qt5-connectivity-devel is earlier than 0:5.15.13-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20246639006",
|
|
"Comment": "qt5-connectivity-doc is earlier than 0:5.15.13-alt1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |