1129 lines
59 KiB
JSON
1129 lines
59 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20171043",
|
|
"Version": "oval:org.altlinux.errata:def:20171043",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2017-1043: package `qemu` update to version 2.8.0-alt1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch p9"
|
|
],
|
|
"Products": [
|
|
"ALT Server",
|
|
"ALT Virtualization Server",
|
|
"ALT Workstation",
|
|
"ALT Workstation K",
|
|
"ALT Education",
|
|
"Simply Linux",
|
|
"Starterkit"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2017-1043",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-1043",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-02069",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-02069",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-02070",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-02070",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-02071",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-02071",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2016-02072",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2016-02072",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00068",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00068",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00069",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00069",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00070",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00070",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00071",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00071",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00073",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00073",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00075",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00075",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00076",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00076",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-00077",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-00077",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-10029",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-10029",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-4002",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4002",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-4020",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4020",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-4952",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4952",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-4964",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-4964",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5105",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5105",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5106",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5106",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5107",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5107",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5126",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5126",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5238",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5238",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5337",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5337",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-5338",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-5338",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6351",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6351",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6490",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6490",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6833",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6833",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6834",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6834",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6836",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6836",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-6888",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-6888",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7116",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7116",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7155",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7155",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7156",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7156",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7157",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7157",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7161",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7161",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7170",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7170",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7421",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7421",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7422",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7422",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7423",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7423",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7466",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7466",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7908",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7908",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7909",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7909",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7994",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7994",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-7995",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-7995",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8576",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8576",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8577",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8577",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8578",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8578",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8668",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8668",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8669",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8669",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8909",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8909",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-8910",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-8910",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9101",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9101",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9102",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9102",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9103",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9103",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9104",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9104",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9105",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9105",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9106",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9106",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9381",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9381",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9776",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9776",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9845",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9845",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9846",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9846",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9907",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9907",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9911",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9911",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9913",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9913",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9914",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9914",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9915",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9915",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9916",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9916",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9921",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9921",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9922",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9922",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2016-9923",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-9923",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-2620",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-2620",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-7980",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-7980",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades qemu to version 2.8.0-alt1. \nSecurity Fix(es):\n\n * BDU:2016-02069: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2016-02070: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2016-02071: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю читать память хоста\n\n * BDU:2016-02072: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00068: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00069: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00070: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00071: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-00073: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность данных\n\n * BDU:2017-00075: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность данных\n\n * BDU:2017-00076: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать аварийное завершение работы приложения\n\n * BDU:2017-00077: Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие на систему\n\n * CVE-2016-10029: The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.\n\n * CVE-2016-4002: Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.\n\n * CVE-2016-4020: The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).\n\n * CVE-2016-4952: QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.\n\n * CVE-2016-4964: The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s-\u003estate.\n\n * CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command.\n\n * CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.\n\n * CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.\n\n * CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.\n\n * CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.\n\n * CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.\n\n * CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.\n\n * CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.\n\n * CVE-2016-6490: The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.\n\n * CVE-2016-6833: Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active.\n\n * CVE-2016-6834: The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.\n\n * CVE-2016-6836: The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.\n\n * CVE-2016-6888: Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.\n\n * CVE-2016-7116: Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.\n\n * CVE-2016-7155: hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.\n\n * CVE-2016-7156: The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.\n\n * CVE-2016-7157: The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_PACK.\n\n * CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.\n\n * CVE-2016-7170: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.\n\n * CVE-2016-7421: The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size.\n\n * CVE-2016-7422: The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.\n\n * CVE-2016-7423: The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors involving MPTSASRequest objects.\n\n * CVE-2016-7466: Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.\n\n * CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.\n\n * CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.\n\n * CVE-2016-7994: Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CREATE_2D commands.\n\n * CVE-2016-7995: Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.\n\n * CVE-2016-8576: The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.\n\n * CVE-2016-8577: Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.\n\n * CVE-2016-8578: The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P operation.\n\n * CVE-2016-8668: The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.\n\n * CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.\n\n * CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.\n\n * CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.\n\n * CVE-2016-9101: Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.\n\n * CVE-2016-9102: Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.\n\n * CVE-2016-9103: The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.\n\n * CVE-2016-9104: Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.\n\n * CVE-2016-9105: Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.\n\n * CVE-2016-9106: Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.\n\n * CVE-2016-9381: Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability.\n\n * CVE-2016-9776: QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.\n\n * CVE-2016-9845: QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.\n\n * CVE-2016-9846: QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.\n\n * CVE-2016-9907: Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.\n\n * CVE-2016-9911: Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.\n\n * CVE-2016-9913: Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.\n\n * CVE-2016-9914: Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.\n\n * CVE-2016-9915: Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.\n\n * CVE-2016-9916: Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.\n\n * CVE-2016-9921: Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.\n\n * CVE-2016-9922: The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.\n\n * CVE-2016-9923: Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.\n\n * CVE-2017-2620: Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process.\n\n * CVE-2017-7980: Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "Critical",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2017-01-17"
|
|
},
|
|
"Updated": {
|
|
"Date": "2017-01-17"
|
|
},
|
|
"BDUs": [
|
|
{
|
|
"ID": "BDU:2016-02069",
|
|
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:P",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-02069",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "BDU:2016-02070",
|
|
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:P",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-02070",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "BDU:2016-02071",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
|
|
"CWE": "CWE-200",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-02071",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "BDU:2016-02072",
|
|
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:P",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://bdu.fstec.ru/vul/2016-02072",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00068",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00068",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00069",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00069",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00070",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00070",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00071",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00071",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00073",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00073",
|
|
"Impact": "Low",
|
|
"Public": "20161224"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00075",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CWE": "CWE-400",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00075",
|
|
"Impact": "Low",
|
|
"Public": "20161224"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00076",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00076",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-00077",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CWE": "CWE-200",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-00077",
|
|
"Impact": "Low",
|
|
"Public": "20161230"
|
|
}
|
|
],
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2016-10029",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-10029",
|
|
"Impact": "Low",
|
|
"Public": "20170227"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-4002",
|
|
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-120",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4002",
|
|
"Impact": "Critical",
|
|
"Public": "20160426"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-4020",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4020",
|
|
"Impact": "Low",
|
|
"Public": "20160525"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-4952",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4952",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-4964",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-4964",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5105",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
|
|
"CWE": "CWE-908",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5105",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5106",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5106",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5107",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5107",
|
|
"Impact": "Low",
|
|
"Public": "20160902"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5126",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5126",
|
|
"Impact": "High",
|
|
"Public": "20160601"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5238",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5238",
|
|
"Impact": "Low",
|
|
"Public": "20160614"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5337",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5337",
|
|
"Impact": "Low",
|
|
"Public": "20160614"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-5338",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-5338",
|
|
"Impact": "High",
|
|
"Public": "20160614"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6351",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6351",
|
|
"Impact": "Low",
|
|
"Public": "20160907"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6490",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-120",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6490",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6833",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-416",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6833",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6834",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-120",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6834",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6836",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
|
|
"CWE": "CWE-665",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6836",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-6888",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-190",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-6888",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7116",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
|
|
"CWE": "CWE-22",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7116",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7155",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7155",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7156",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-704",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7156",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7157",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7157",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7161",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7161",
|
|
"Impact": "Critical",
|
|
"Public": "20161005"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7170",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-129",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7170",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7421",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-834",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7421",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7422",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-120",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7422",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7423",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7423",
|
|
"Impact": "Low",
|
|
"Public": "20161010"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7466",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7466",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7908",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-835",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7908",
|
|
"Impact": "Low",
|
|
"Public": "20161005"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7909",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-835",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7909",
|
|
"Impact": "Low",
|
|
"Public": "20161005"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7994",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7994",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-7995",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-7995",
|
|
"Impact": "Low",
|
|
"Public": "20161210"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8576",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-770",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8576",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8577",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8577",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8578",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "NVD-CWE-noinfo",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8578",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8668",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-120",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8668",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8669",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-369",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8669",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8909",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-835",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8909",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-8910",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-835",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-8910",
|
|
"Impact": "Low",
|
|
"Public": "20161104"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9101",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9101",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9102",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9102",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9103",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
|
|
"CWE": "CWE-200",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9103",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9104",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-190",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9104",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9105",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9105",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9106",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9106",
|
|
"Impact": "Low",
|
|
"Public": "20161209"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9381",
|
|
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
|
|
"CWE": "CWE-362",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9381",
|
|
"Impact": "High",
|
|
"Public": "20170123"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9776",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-835",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9776",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9845",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
|
|
"CWE": "CWE-200",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9845",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9846",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9846",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9907",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9907",
|
|
"Impact": "Low",
|
|
"Public": "20161223"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9911",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-772",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9911",
|
|
"Impact": "Low",
|
|
"Public": "20161223"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9913",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-401",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9913",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9914",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-401",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9914",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9915",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-401",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9915",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9916",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-401",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9916",
|
|
"Impact": "Low",
|
|
"Public": "20161229"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9921",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
|
|
"CWE": "CWE-369",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9921",
|
|
"Impact": "Low",
|
|
"Public": "20161223"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9922",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-369",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9922",
|
|
"Impact": "Low",
|
|
"Public": "20170327"
|
|
},
|
|
{
|
|
"ID": "CVE-2016-9923",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-416",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-9923",
|
|
"Impact": "Low",
|
|
"Public": "20161223"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-2620",
|
|
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
|
|
"CWE": "CWE-125",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-2620",
|
|
"Impact": "Critical",
|
|
"Public": "20180727"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-7980",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
|
|
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-7980",
|
|
"Impact": "High",
|
|
"Public": "20170725"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:kworkstation:9",
|
|
"cpe:/o:alt:workstation:9",
|
|
"cpe:/o:alt:server:9",
|
|
"cpe:/o:alt:server-v:9",
|
|
"cpe:/o:alt:education:9",
|
|
"cpe:/o:alt:slinux:9",
|
|
"cpe:/o:alt:starterkit:p9",
|
|
"cpe:/o:alt:kworkstation:9.1",
|
|
"cpe:/o:alt:workstation:9.1",
|
|
"cpe:/o:alt:server:9.1",
|
|
"cpe:/o:alt:server-v:9.1",
|
|
"cpe:/o:alt:education:9.1",
|
|
"cpe:/o:alt:slinux:9.1",
|
|
"cpe:/o:alt:starterkit:9.1",
|
|
"cpe:/o:alt:kworkstation:9.2",
|
|
"cpe:/o:alt:workstation:9.2",
|
|
"cpe:/o:alt:server:9.2",
|
|
"cpe:/o:alt:server-v:9.2",
|
|
"cpe:/o:alt:education:9.2",
|
|
"cpe:/o:alt:slinux:9.2",
|
|
"cpe:/o:alt:starterkit:9.2"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:1001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043001",
|
|
"Comment": "ivshmem-tools is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043002",
|
|
"Comment": "qemu is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043003",
|
|
"Comment": "qemu-aux is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043004",
|
|
"Comment": "qemu-common is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043005",
|
|
"Comment": "qemu-doc is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043006",
|
|
"Comment": "qemu-guest-agent is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043007",
|
|
"Comment": "qemu-img is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043008",
|
|
"Comment": "qemu-system is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043009",
|
|
"Comment": "qemu-user is earlier than 0:2.8.0-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171043010",
|
|
"Comment": "qemu-user-binfmt_misc is earlier than 0:2.8.0-alt1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |