126 lines
4.6 KiB
JSON
126 lines
4.6 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20172403",
|
|
"Version": "oval:org.altlinux.errata:def:20172403",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2017-2403: package `freeipa` update to version 4.4.4-alt4.S1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch c10f1"
|
|
],
|
|
"Products": [
|
|
"ALT SP Workstation",
|
|
"ALT SP Server"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2017-2403",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-2403",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-2590",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-2590",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades freeipa to version 4.4.4-alt4.S1. \nSecurity Fix(es):\n\n * CVE-2017-2590: A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "High",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2017-10-10"
|
|
},
|
|
"Updated": {
|
|
"Date": "2017-10-10"
|
|
},
|
|
"BDUs": null,
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2017-2590",
|
|
"CVSS": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
|
|
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
|
|
"CWE": "CWE-275",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-2590",
|
|
"Impact": "High",
|
|
"Public": "20180727"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:spworkstation:10",
|
|
"cpe:/o:alt:spserver:10"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403001",
|
|
"Comment": "freeipa-client is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403002",
|
|
"Comment": "freeipa-client-common is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403003",
|
|
"Comment": "freeipa-common is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403004",
|
|
"Comment": "freeipa-server is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403005",
|
|
"Comment": "freeipa-server-common is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403006",
|
|
"Comment": "freeipa-server-dns is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403007",
|
|
"Comment": "freeipa-server-trust-ad is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403008",
|
|
"Comment": "freeipa-tests is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403009",
|
|
"Comment": "python-module-freeipa is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403010",
|
|
"Comment": "python-module-ipaclient is earlier than 0:4.4.4-alt4.S1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20172403011",
|
|
"Comment": "python-module-ipaserver is earlier than 0:4.4.4-alt4.S1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |