pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p10/ALT-PU-2014-2197/definitions.json
pepelyaevip 83c40c9d64 ALT Vulnerability
2024-07-06 03:04:52 +00:00

196 lines
8.5 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20142197",
"Version": "oval:org.altlinux.errata:def:20142197",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2014-2197: package `chromium` update to version 37.0.2062.124-alt2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p10"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2014-2197",
"RefURL": "https://errata.altlinux.org/ALT-PU-2014-2197",
"Source": "ALTPU"
},
{
"RefID": "BDU:2015-00241",
"RefURL": "https://bdu.fstec.ru/vul/2015-00241",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00450",
"RefURL": "https://bdu.fstec.ru/vul/2015-00450",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00466",
"RefURL": "https://bdu.fstec.ru/vul/2015-00466",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00677",
"RefURL": "https://bdu.fstec.ru/vul/2015-00677",
"Source": "BDU"
},
{
"RefID": "BDU:2015-00709",
"RefURL": "https://bdu.fstec.ru/vul/2015-00709",
"Source": "BDU"
},
{
"RefID": "BDU:2015-10003",
"RefURL": "https://bdu.fstec.ru/vul/2015-10003",
"Source": "BDU"
},
{
"RefID": "CVE-2014-1568",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2014-1568",
"Source": "CVE"
}
],
"Description": "This update upgrades chromium to version 37.0.2062.124-alt2. \nSecurity Fix(es):\n\n * BDU:2015-00241: Уязвимость браузера Google Chrome, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00450: Уязвимость браузера Firefox, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00466: Уязвимость программного обеспечения Firefox ESR, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00677: Уязвимость программного обеспечения SeaMonkey, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-00709: Уязвимость программного обеспечения Thunderbird, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-10003: Уязвимость программной платформы Oracle Fusion Middleware, позволяющая удаленному нарушителю подменить RSA-подпись\n\n * CVE-2014-1568: Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a \"signature malleability\" issue.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2014-09-27"
},
"Updated": {
"Date": "2014-09-27"
},
"BDUs": [
{
"ID": "BDU:2015-00241",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00241",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00450",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00450",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00466",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00466",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00677",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00677",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-00709",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-00709",
"Impact": "High",
"Public": "20140925"
},
{
"ID": "BDU:2015-10003",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://bdu.fstec.ru/vul/2015-10003",
"Impact": "High",
"Public": "20140920"
}
],
"CVEs": [
{
"ID": "CVE-2014-1568",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CWE": "CWE-310",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2014-1568",
"Impact": "High",
"Public": "20140925"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:10",
"cpe:/o:alt:workstation:10",
"cpe:/o:alt:server:10",
"cpe:/o:alt:server-v:10",
"cpe:/o:alt:education:10",
"cpe:/o:alt:slinux:10",
"cpe:/o:alt:starterkit:p10",
"cpe:/o:alt:kworkstation:10.1",
"cpe:/o:alt:workstation:10.1",
"cpe:/o:alt:server:10.1",
"cpe:/o:alt:server-v:10.1",
"cpe:/o:alt:education:10.1",
"cpe:/o:alt:slinux:10.1",
"cpe:/o:alt:starterkit:10.1",
"cpe:/o:alt:kworkstation:10.2",
"cpe:/o:alt:workstation:10.2",
"cpe:/o:alt:server:10.2",
"cpe:/o:alt:server-v:10.2",
"cpe:/o:alt:education:10.2",
"cpe:/o:alt:slinux:10.2",
"cpe:/o:alt:starterkit:10.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:2001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20142197001",
"Comment": "chromium is earlier than 0:37.0.2062.124-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20142197002",
"Comment": "chromium-gnome is earlier than 0:37.0.2062.124-alt2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20142197003",
"Comment": "chromium-kde is earlier than 0:37.0.2062.124-alt2"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink