pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
af2f8b3981
vuln-list-alt/oval/c10f1/ALT-PU-2019-2841/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

277 lines
11 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20192841",
"Version": "oval:org.altlinux.errata:def:20192841",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2019-2841: package `ceph` update to version 14.2.4-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2019-2841",
"RefURL": "https://errata.altlinux.org/ALT-PU-2019-2841",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-03217",
"RefURL": "https://bdu.fstec.ru/vul/2019-03217",
"Source": "BDU"
},
{
"RefID": "CVE-2019-10222",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-10222",
"Source": "CVE"
}
],
"Description": "This update upgrades ceph to version 14.2.4-alt1. \nSecurity Fix(es):\n\n * BDU:2019-03217: Уязвимость конфигурации службы RGW системы хранения данных Ceph, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-10222: A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-10-09"
},
"Updated": {
"Date": "2019-10-09"
},
"BDUs": [
{
"ID": "BDU:2019-03217",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-400, CWE-755",
"Href": "https://bdu.fstec.ru/vul/2019-03217",
"Impact": "High",
"Public": "20190829"
}
],
"CVEs": [
{
"ID": "CVE-2019-10222",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-755",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-10222",
"Impact": "High",
"Public": "20191108"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20192841001",
"Comment": "ceph is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841002",
"Comment": "ceph-base is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841003",
"Comment": "ceph-common is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841004",
"Comment": "ceph-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841005",
"Comment": "ceph-fuse is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841006",
"Comment": "ceph-mds is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841007",
"Comment": "ceph-mgr is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841008",
"Comment": "ceph-mgr-ansible is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841009",
"Comment": "ceph-mgr-dashboard is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841010",
"Comment": "ceph-mgr-deepsea is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841011",
"Comment": "ceph-mgr-diskprediction-local is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841012",
"Comment": "ceph-mgr-influx is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841013",
"Comment": "ceph-mgr-insights is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841014",
"Comment": "ceph-mgr-prometheus is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841015",
"Comment": "ceph-mgr-restful is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841016",
"Comment": "ceph-mgr-rook is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841017",
"Comment": "ceph-mgr-ssh is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841018",
"Comment": "ceph-mgr-telegraf is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841019",
"Comment": "ceph-mgr-zabbix is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841020",
"Comment": "ceph-mon is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841021",
"Comment": "ceph-osd is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841022",
"Comment": "ceph-radosgw is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841023",
"Comment": "ceph-resource-agents is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841024",
"Comment": "cephfs-shell is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841025",
"Comment": "grafana-dashboards-ceph is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841026",
"Comment": "libcephfs-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841027",
"Comment": "libcephfs2 is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841028",
"Comment": "librados-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841029",
"Comment": "librados2 is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841030",
"Comment": "libradosstriper-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841031",
"Comment": "libradosstriper1 is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841032",
"Comment": "librbd-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841033",
"Comment": "librbd1 is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841034",
"Comment": "librgw-devel is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841035",
"Comment": "librgw2 is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841036",
"Comment": "python3-module-ceph is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841037",
"Comment": "python3-module-ceph-argparse is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841038",
"Comment": "python3-module-ceph_volume is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841039",
"Comment": "python3-module-cephfs is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841040",
"Comment": "python3-module-rados is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841041",
"Comment": "python3-module-rbd is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841042",
"Comment": "python3-module-rgw is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841043",
"Comment": "rbd-fuse is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841044",
"Comment": "rbd-mirror is earlier than 0:14.2.4-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20192841045",
"Comment": "rbd-nbd is earlier than 0:14.2.4-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink