pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9a236ac382
vuln-list-alt/oval/p11/ALT-PU-2020-3148/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

155 lines
6.6 KiB
JSON
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20203148",
"Version": "oval:org.altlinux.errata:def:20203148",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-3148: package `bchunk` update to version 1.2.2-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-3148",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-3148",
"Source": "ALTPU"
},
{
"RefID": "BDU:2017-02604",
"RefURL": "https://bdu.fstec.ru/vul/2017-02604",
"Source": "BDU"
},
{
"RefID": "BDU:2017-02605",
"RefURL": "https://bdu.fstec.ru/vul/2017-02605",
"Source": "BDU"
},
{
"RefID": "BDU:2017-02606",
"RefURL": "https://bdu.fstec.ru/vul/2017-02606",
"Source": "BDU"
},
{
"RefID": "CVE-2017-15953",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15953",
"Source": "CVE"
},
{
"RefID": "CVE-2017-15954",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15954",
"Source": "CVE"
},
{
"RefID": "CVE-2017-15955",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-15955",
"Source": "CVE"
}
],
"Description": "This update upgrades bchunk to version 1.2.2-alt1. \nSecurity Fix(es):\n\n * BDU:2017-02604: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * BDU:2017-02605: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, вызванная переполнением буфера в динамической памяти, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * BDU:2017-02606: Уязвимость программного обеспечение для преобразования образов bchunk операционной системы Debian GNU/Linux, вызванная переполнением буфера в динамической памяти, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * CVE-2017-15953: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.\n\n * CVE-2017-15954: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.\n\n * CVE-2017-15955: bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an \"Access violation near NULL on destination operand\" and crash when processing a malformed CUE (.cue) file.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-10-28"
},
"Updated": {
"Date": "2020-10-28"
},
"BDUs": [
{
"ID": "BDU:2017-02604",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2017-02604",
"Impact": "Low",
"Public": "20170909"
},
{
"ID": "BDU:2017-02605",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-02605",
"Impact": "Low",
"Public": "20170909"
},
{
"ID": "BDU:2017-02606",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2017-02606",
"Impact": "Low",
"Public": "20170909"
}
],
"CVEs": [
{
"ID": "CVE-2017-15953",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15953",
"Impact": "Low",
"Public": "20171028"
},
{
"ID": "CVE-2017-15954",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15954",
"Impact": "Low",
"Public": "20171028"
},
{
"ID": "CVE-2017-15955",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-15955",
"Impact": "Low",
"Public": "20171028"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20203148001",
"Comment": "bchunk is earlier than 0:1.2.2-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink