pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/c10f1/ALT-PU-2020-2588/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

109 lines
4.0 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20202588",
"Version": "oval:org.altlinux.errata:def:20202588",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-2588: package `libX11` update to version 1.6.11-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-2588",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-2588",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-03916",
"RefURL": "https://bdu.fstec.ru/vul/2020-03916",
"Source": "BDU"
},
{
"RefID": "CVE-2020-14344",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-14344",
"Source": "CVE"
}
],
"Description": "This update upgrades libX11 to version 1.6.11-alt1. \nSecurity Fix(es):\n\n * BDU:2020-03916: Уязвимость библиотеки предоставления клиентского API для X Window System libX11, вызванная целочисленным переполнением, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2020-14344: An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Low",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-08-13"
},
"Updated": {
"Date": "2020-08-13"
},
"BDUs": [
{
"ID": "BDU:2020-03916",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"CWE": "CWE-119, CWE-190",
"Href": "https://bdu.fstec.ru/vul/2020-03916",
"Impact": "Low",
"Public": "20200805"
}
],
"CVEs": [
{
"ID": "CVE-2020-14344",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-14344",
"Impact": "Low",
"Public": "20200805"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20202588001",
"Comment": "libX11 is earlier than 3:1.6.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202588002",
"Comment": "libX11-devel is earlier than 3:1.6.11-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202588003",
"Comment": "libX11-locales is earlier than 3:1.6.11-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink