vuln-list-alt/oval/p10/ALT-PU-2018-1167/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20181167",
      "Version": "oval:org.altlinux.errata:def:20181167",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2018-1167: package `NetworkManager` update to version 1.10.4-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch p10"
            ],
            "Products": [
              "ALT Server",
              "ALT Virtualization Server",
              "ALT Workstation",
              "ALT Workstation K",
              "ALT Education",
              "Simply Linux",
              "Starterkit"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2018-1167",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2018-1167",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2020-01815",
            "RefURL": "https://bdu.fstec.ru/vul/2020-01815",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2018-1000135",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000135",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades NetworkManager to version 1.10.4-alt1. \nSecurity Fix(es):\n\n * BDU:2020-01815: Уязвимость утилиты управление сетевыми подключениями GNOME NetworkManage, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к информации\n\n * CVE-2018-1000135: GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed, but later updates removed the fix. cf. https://bugs.launchpad.net/ubuntu/+bug/1754671 an upstream fix does not appear to be available at this time.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "High",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2018-02-09"
          },
          "Updated": {
            "Date": "2018-02-09"
          },
          "BDUs": [
            {
              "ID": "BDU:2020-01815",
              "CVSS": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
              "CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://bdu.fstec.ru/vul/2020-01815",
              "Impact": "High",
              "Public": "20180320"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2018-1000135",
              "CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
              "CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "CWE": "CWE-200",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000135",
              "Impact": "High",
              "Public": "20180320"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:kworkstation:10",
              "cpe:/o:alt:workstation:10",
              "cpe:/o:alt:server:10",
              "cpe:/o:alt:server-v:10",
              "cpe:/o:alt:education:10",
              "cpe:/o:alt:slinux:10",
              "cpe:/o:alt:starterkit:p10",
              "cpe:/o:alt:kworkstation:10.1",
              "cpe:/o:alt:workstation:10.1",
              "cpe:/o:alt:server:10.1",
              "cpe:/o:alt:server-v:10.1",
              "cpe:/o:alt:education:10.1",
              "cpe:/o:alt:slinux:10.1",
              "cpe:/o:alt:starterkit:10.1",
              "cpe:/o:alt:kworkstation:10.2",
              "cpe:/o:alt:workstation:10.2",
              "cpe:/o:alt:server:10.2",
              "cpe:/o:alt:server-v:10.2",
              "cpe:/o:alt:education:10.2",
              "cpe:/o:alt:slinux:10.2",
              "cpe:/o:alt:starterkit:10.2"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:2001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167001",
                "Comment": "NetworkManager is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167002",
                "Comment": "NetworkManager-adsl is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167003",
                "Comment": "NetworkManager-bluetooth is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167004",
                "Comment": "NetworkManager-daemon is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167005",
                "Comment": "NetworkManager-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167006",
                "Comment": "NetworkManager-devel-doc is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167007",
                "Comment": "NetworkManager-glib-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167008",
                "Comment": "NetworkManager-glib-gir is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167009",
                "Comment": "NetworkManager-glib-gir-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167010",
                "Comment": "NetworkManager-ovs is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167011",
                "Comment": "NetworkManager-ppp is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167012",
                "Comment": "NetworkManager-team is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167013",
                "Comment": "NetworkManager-tui is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167014",
                "Comment": "NetworkManager-wifi is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167015",
                "Comment": "NetworkManager-wwan is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167016",
                "Comment": "libnm is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167017",
                "Comment": "libnm-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167018",
                "Comment": "libnm-devel-doc is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167019",
                "Comment": "libnm-gir is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167020",
                "Comment": "libnm-gir-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167021",
                "Comment": "libnm-glib-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167022",
                "Comment": "libnm-glib-vpn-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167023",
                "Comment": "libnm-glib-vpn1 is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167024",
                "Comment": "libnm-glib4 is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167025",
                "Comment": "libnm-util-devel is earlier than 0:1.10.4-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20181167026",
                "Comment": "libnm-util2 is earlier than 0:1.10.4-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}