169 lines
6.5 KiB
JSON
169 lines
6.5 KiB
JSON
{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:20172664",
|
||
"Version": "oval:org.altlinux.errata:def:20172664",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2017-2664: package `kernel-image-std-def` update to version 4.9.63-alt1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch p10"
|
||
],
|
||
"Products": [
|
||
"ALT Server",
|
||
"ALT Virtualization Server",
|
||
"ALT Workstation",
|
||
"ALT Workstation K",
|
||
"ALT Education",
|
||
"Simply Linux",
|
||
"Starterkit"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2017-2664",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-2664",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2017-02266",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2017-02266",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2017-13080",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-13080",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades kernel-image-std-def to version 4.9.63-alt1. \nSecurity Fix(es):\n\n * BDU:2017-02266: Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети\n\n * CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "High",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2017-11-18"
|
||
},
|
||
"Updated": {
|
||
"Date": "2017-11-18"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2017-02266",
|
||
"CVSS": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
|
||
"CVSS3": "AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
|
||
"CWE": "CWE-320",
|
||
"Href": "https://bdu.fstec.ru/vul/2017-02266",
|
||
"Impact": "High",
|
||
"Public": "20170828"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2017-13080",
|
||
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
|
||
"CVSS3": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
|
||
"CWE": "CWE-330",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-13080",
|
||
"Impact": "Low",
|
||
"Public": "20171017"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:kworkstation:10",
|
||
"cpe:/o:alt:workstation:10",
|
||
"cpe:/o:alt:server:10",
|
||
"cpe:/o:alt:server-v:10",
|
||
"cpe:/o:alt:education:10",
|
||
"cpe:/o:alt:slinux:10",
|
||
"cpe:/o:alt:starterkit:p10",
|
||
"cpe:/o:alt:kworkstation:10.1",
|
||
"cpe:/o:alt:workstation:10.1",
|
||
"cpe:/o:alt:server:10.1",
|
||
"cpe:/o:alt:server-v:10.1",
|
||
"cpe:/o:alt:education:10.1",
|
||
"cpe:/o:alt:slinux:10.1",
|
||
"cpe:/o:alt:starterkit:10.1",
|
||
"cpe:/o:alt:kworkstation:10.2",
|
||
"cpe:/o:alt:workstation:10.2",
|
||
"cpe:/o:alt:server:10.2",
|
||
"cpe:/o:alt:server-v:10.2",
|
||
"cpe:/o:alt:education:10.2",
|
||
"cpe:/o:alt:slinux:10.2",
|
||
"cpe:/o:alt:starterkit:10.2"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:2001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664001",
|
||
"Comment": "kernel-doc-std is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664002",
|
||
"Comment": "kernel-headers-modules-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664003",
|
||
"Comment": "kernel-headers-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664004",
|
||
"Comment": "kernel-image-domU-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664005",
|
||
"Comment": "kernel-image-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664006",
|
||
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664007",
|
||
"Comment": "kernel-modules-drm-radeon-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664008",
|
||
"Comment": "kernel-modules-drm-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664009",
|
||
"Comment": "kernel-modules-ide-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664010",
|
||
"Comment": "kernel-modules-kvm-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664011",
|
||
"Comment": "kernel-modules-staging-std-def is earlier than 1:4.9.63-alt1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:20172664012",
|
||
"Comment": "kernel-modules-v4l-std-def is earlier than 1:4.9.63-alt1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |