Support Oracle Linux Security Advisory (#18)
* Add oracle vulnsrc * Refactoring * Review fixed * Fix tests
This commit is contained in:
parent
bd6da033c2
commit
afc3143fc1
9
main.go
9
main.go
@ -17,6 +17,7 @@ import (
|
||||
"github.com/aquasecurity/vuln-list-update/git"
|
||||
"github.com/aquasecurity/vuln-list-update/nvd"
|
||||
debianoval "github.com/aquasecurity/vuln-list-update/oval/debian"
|
||||
oracleoval "github.com/aquasecurity/vuln-list-update/oval/oracle"
|
||||
redhatoval "github.com/aquasecurity/vuln-list-update/oval/redhat"
|
||||
"github.com/aquasecurity/vuln-list-update/redhat"
|
||||
"github.com/aquasecurity/vuln-list-update/ubuntu"
|
||||
@ -32,7 +33,7 @@ const (
|
||||
)
|
||||
|
||||
var (
|
||||
target = flag.String("target", "", "update target (nvd, alpine, redhat, debian, ubuntu)")
|
||||
target = flag.String("target", "", "update target (nvd, alpine, redhat, redhat-oval, debian, debian-oval, ubuntu, amazon, oracle-oval)")
|
||||
years = flag.String("years", "", "update years (only redhat)")
|
||||
)
|
||||
|
||||
@ -125,6 +126,12 @@ func run() error {
|
||||
return xerrors.Errorf("error in Amazon update: %w", err)
|
||||
}
|
||||
commitMsg = "Amazon Linux Security Center"
|
||||
case "oracle-oval":
|
||||
oc := oracleoval.NewConfig()
|
||||
if err := oc.Update(); err != nil {
|
||||
return xerrors.Errorf("error in Oracle Linux OVAL update: %w", err)
|
||||
}
|
||||
commitMsg = "Oracle Linux OVAL"
|
||||
default:
|
||||
return xerrors.New("unknown target")
|
||||
}
|
||||
|
102
oval/oracle/oracle.go
Normal file
102
oval/oracle/oracle.go
Normal file
@ -0,0 +1,102 @@
|
||||
package oracle
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"compress/bzip2"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/aquasecurity/vuln-list-update/utils"
|
||||
"github.com/spf13/afero"
|
||||
"golang.org/x/xerrors"
|
||||
pb "gopkg.in/cheggaaa/pb.v1"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrInvalidELSAID = xerrors.New("invalid ELSA ID")
|
||||
)
|
||||
|
||||
const (
|
||||
ovalDir = "oval"
|
||||
oracleDir = "oracle"
|
||||
ovalURL = "https://linux.oracle.com/security/oval/com.oracle.elsa-all.xml.bz2"
|
||||
retry = 5
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
VulnListDir string
|
||||
URL string
|
||||
AppFs afero.Fs
|
||||
Retry int
|
||||
}
|
||||
|
||||
func NewConfig() Config {
|
||||
return Config{
|
||||
VulnListDir: utils.VulnListDir(),
|
||||
URL: ovalURL,
|
||||
AppFs: afero.NewOsFs(),
|
||||
Retry: retry,
|
||||
}
|
||||
}
|
||||
|
||||
func (c Config) Update() error {
|
||||
log.Printf("Fetching Oracle")
|
||||
|
||||
res, err := utils.FetchURL(c.URL, "", c.Retry)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("failed to fetch Oracle Linux OVAL: %w", err)
|
||||
}
|
||||
|
||||
var ov Oval
|
||||
ovalReader := bzip2.NewReader(bytes.NewReader(res))
|
||||
err = xml.NewDecoder(ovalReader).Decode(&ov)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("failed to decode Oracle Linux OVAL XML: %w", err)
|
||||
}
|
||||
|
||||
dir := filepath.Join(ovalDir, oracleDir)
|
||||
bar := pb.StartNew(len(ov.Definitions))
|
||||
for _, def := range ov.Definitions {
|
||||
def.Title = strings.TrimSpace(def.Title)
|
||||
def.Description = strings.TrimSpace(def.Description)
|
||||
|
||||
//def.Title example: "\nELSA-2019-4827: docker-engine docker-cli security update (IMPORTANT)"
|
||||
elsaID := strings.TrimSpace(strings.Split(def.Title, ":")[0])
|
||||
if err = c.saveELSAPerYear(dir, elsaID, def); err != nil {
|
||||
if err == ErrInvalidELSAID {
|
||||
log.Printf("Invalid ELSA ID: %s\n", elsaID)
|
||||
continue
|
||||
}
|
||||
|
||||
return xerrors.Errorf("failed to save ELSAPerYear: %w", err)
|
||||
}
|
||||
bar.Increment()
|
||||
}
|
||||
bar.Finish()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c Config) saveELSAPerYear(dirName string, elsaID string, data interface{}) error {
|
||||
s := strings.Split(elsaID, "-")
|
||||
if len(s) < 3 {
|
||||
return ErrInvalidELSAID
|
||||
}
|
||||
|
||||
yearDir := filepath.Join(c.VulnListDir, dirName, s[1])
|
||||
if err := c.AppFs.MkdirAll(yearDir, os.ModePerm); err != nil {
|
||||
return xerrors.Errorf("failed to create directory: %w", err)
|
||||
}
|
||||
|
||||
filePath := filepath.Join(yearDir, fmt.Sprintf("%s.json", elsaID))
|
||||
|
||||
fs := utils.NewFs(c.AppFs)
|
||||
if err := fs.WriteJSON(filePath, data); err != nil {
|
||||
return xerrors.Errorf("failed to write file: %w", err)
|
||||
}
|
||||
return nil
|
||||
}
|
178
oval/oracle/oracle_test.go
Normal file
178
oval/oracle/oracle_test.go
Normal file
@ -0,0 +1,178 @@
|
||||
package oracle_test
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/aquasecurity/vuln-list-update/oval/oracle"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/spf13/afero"
|
||||
)
|
||||
|
||||
var update = flag.Bool("update", false, "update golden files")
|
||||
|
||||
func TestConfig_Update(t *testing.T) {
|
||||
testCases := []struct {
|
||||
name string
|
||||
appFs afero.Fs
|
||||
bzip2FileNames map[string]string
|
||||
goldenFiles map[string]string
|
||||
expectedErrorMsg string
|
||||
}{
|
||||
{
|
||||
name: "positive test",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/all-positive-data.xml.bz2",
|
||||
},
|
||||
goldenFiles: map[string]string{
|
||||
"/tmp/oval/oracle/2007/ELSA-2007-0057.json": "testdata/golden/ELSA-2007-0057.json",
|
||||
"/tmp/oval/oracle/2008/ELSA-2008-0110.json": "testdata/golden/ELSA-2008-0110.json",
|
||||
"/tmp/oval/oracle/2009/ELSA-2009-1203.json": "testdata/golden/ELSA-2009-1203.json",
|
||||
"/tmp/oval/oracle/2010/ELSA-2010-0809.json": "testdata/golden/ELSA-2010-0809.json",
|
||||
"/tmp/oval/oracle/2011/ELSA-2011-1268.json": "testdata/golden/ELSA-2011-1268.json",
|
||||
"/tmp/oval/oracle/2012/ELSA-2012-1261.json": "testdata/golden/ELSA-2012-1261.json",
|
||||
"/tmp/oval/oracle/2013/ELSA-2013-1732.json": "testdata/golden/ELSA-2013-1732.json",
|
||||
"/tmp/oval/oracle/2014/ELSA-2014-2010.json": "testdata/golden/ELSA-2014-2010.json",
|
||||
"/tmp/oval/oracle/2015/ELSA-2015-2561.json": "testdata/golden/ELSA-2015-2561.json",
|
||||
"/tmp/oval/oracle/2016/ELSA-2016-3646.json": "testdata/golden/ELSA-2016-3646.json",
|
||||
"/tmp/oval/oracle/2017/ELSA-2017-3516.json": "testdata/golden/ELSA-2017-3516.json",
|
||||
"/tmp/oval/oracle/2018/ELSA-2018-3410.json": "testdata/golden/ELSA-2018-3410.json",
|
||||
"/tmp/oval/oracle/2019/ELSA-2019-4820.json": "testdata/golden/ELSA-2019-4820.json",
|
||||
"/tmp/oval/oracle/2019/ELSA-2019-4821.json": "testdata/golden/ELSA-2019-4821.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "positive test file format ELSA-XXXX-XXXX-X",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/elsa-2018-1196-1.xml.bz2",
|
||||
},
|
||||
goldenFiles: map[string]string{
|
||||
"/tmp/oval/oracle/2018/ELSA-2018-1196-1.json": "testdata/golden/ELSA-2018-1196-1.json",
|
||||
},
|
||||
expectedErrorMsg: "",
|
||||
},
|
||||
{
|
||||
name: "invalid filesystem write read only path",
|
||||
appFs: afero.NewReadOnlyFs(afero.NewOsFs()),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/all-positive-data.xml.bz2",
|
||||
},
|
||||
goldenFiles: map[string]string{},
|
||||
expectedErrorMsg: "failed to save ELSAPerYear: failed to create directory: operation not permitted",
|
||||
},
|
||||
{
|
||||
name: "invalid title format",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/invalid-title-format.xml.bz2",
|
||||
},
|
||||
goldenFiles: map[string]string{
|
||||
"/tmp/oval/oracle/2007/ELSA-2007-0057.json": "testdata/golden/ELSA-2007-0057.json",
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "404",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{},
|
||||
goldenFiles: map[string]string{},
|
||||
expectedErrorMsg: "failed to fetch Oracle Linux OVAL: failed to fetch URL: HTTP error. status code: 404, url:",
|
||||
},
|
||||
{
|
||||
name: "invalid file format",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/invalid.txt",
|
||||
},
|
||||
goldenFiles: map[string]string{},
|
||||
expectedErrorMsg: "failed to decode Oracle Linux OVAL XML: bzip2 data invalid: bad magic value",
|
||||
},
|
||||
{
|
||||
name: "empty file format",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/EOF.txt",
|
||||
},
|
||||
goldenFiles: map[string]string{},
|
||||
expectedErrorMsg: "failed to decode Oracle Linux OVAL XML: unexpected EOF",
|
||||
},
|
||||
{
|
||||
name: "broken XML",
|
||||
appFs: afero.NewMemMapFs(),
|
||||
bzip2FileNames: map[string]string{
|
||||
"/oval/com.oracle.elsa-all.xml.bz2": "testdata/broken-oval-data.xml.bz2",
|
||||
},
|
||||
goldenFiles: map[string]string{},
|
||||
expectedErrorMsg: "failed to decode Oracle Linux OVAL XML: XML syntax error on line 536: element <criteria> closed by </affected>",
|
||||
},
|
||||
}
|
||||
for _, tc := range testCases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
filePath, ok := tc.bzip2FileNames[r.URL.Path]
|
||||
if !ok {
|
||||
http.NotFound(w, r)
|
||||
return
|
||||
}
|
||||
b, err := ioutil.ReadFile(filePath)
|
||||
assert.NoError(t, err, tc.name)
|
||||
_, err = w.Write(b)
|
||||
assert.NoError(t, err, tc.name)
|
||||
}))
|
||||
defer ts.Close()
|
||||
url := ts.URL + "/oval/com.oracle.elsa-all.xml.bz2"
|
||||
c := oracle.Config{
|
||||
VulnListDir: "/tmp",
|
||||
URL: url,
|
||||
AppFs: tc.appFs,
|
||||
Retry: 0,
|
||||
}
|
||||
err := c.Update()
|
||||
switch {
|
||||
case tc.expectedErrorMsg != "":
|
||||
assert.Contains(t, err.Error(), tc.expectedErrorMsg, tc.name)
|
||||
return
|
||||
default:
|
||||
assert.NoError(t, err, tc.name)
|
||||
}
|
||||
|
||||
fileCount := 0
|
||||
err = afero.Walk(c.AppFs, "/", func(path string, info os.FileInfo, err error) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if info.IsDir() {
|
||||
return nil
|
||||
}
|
||||
fileCount += 1
|
||||
|
||||
actual, err := afero.ReadFile(c.AppFs, path)
|
||||
assert.NoError(t, err, tc.name)
|
||||
|
||||
goldenPath, ok := tc.goldenFiles[path]
|
||||
assert.True(t, ok, tc.name)
|
||||
|
||||
if *update {
|
||||
err = ioutil.WriteFile(goldenPath, actual, 0666)
|
||||
assert.NoError(t, err, tc.name)
|
||||
}
|
||||
|
||||
expected, err := ioutil.ReadFile(goldenPath)
|
||||
assert.NoError(t, err, tc.name)
|
||||
|
||||
assert.Equal(t, expected, actual, tc.name)
|
||||
|
||||
return nil
|
||||
})
|
||||
assert.Equal(t, len(tc.goldenFiles), fileCount, tc.name)
|
||||
assert.NoError(t, err, tc.name)
|
||||
})
|
||||
}
|
||||
|
||||
}
|
201
oval/oracle/testdata/ELSA-2007-0057.xml
vendored
Normal file
201
oval/oracle/testdata/ELSA-2007-0057.xml
vendored
Normal file
@ -0,0 +1,201 @@
|
||||
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd">
|
||||
<generator>
|
||||
<oval:product_name>Oracle Errata System</oval:product_name>
|
||||
<oval:product_version>Oracle Linux</oval:product_version>
|
||||
<oval:schema_version>5.3</oval:schema_version>
|
||||
<oval:timestamp>2007-06-26T00:00:00</oval:timestamp>
|
||||
</generator>
|
||||
<definitions>
|
||||
<definition id="oval:com.oracle.elsa:def:20070057" version="501" class="patch">
|
||||
<metadata>
|
||||
<title>
|
||||
ELSA-2007-0057: Moderate: bind security update (MODERATE)
|
||||
</title>
|
||||
<affected family="unix">
|
||||
<platform>Oracle Linux 5</platform>
|
||||
|
||||
</affected>
|
||||
<reference source="elsa" ref_id="ELSA-2007-0057" ref_url="http://linux.oracle.com/errata/ELSA-2007-0057.html"/>
|
||||
<reference source="CVE" ref_id="CVE-2007-0493" ref_url="http://linux.oracle.com/cve/CVE-2007-0493.html"/>
|
||||
<reference source="CVE" ref_id="CVE-2007-0494" ref_url="http://linux.oracle.com/cve/CVE-2007-0494.html"/>
|
||||
|
||||
<description>
|
||||
[30:9.3.3-8]
|
||||
- added fix for #224445 - CVE-2007-0493 BIND might crash after
|
||||
attempting to read free()-ed memory
|
||||
- added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service
|
||||
- Resolves: rhbz#224445
|
||||
- Resolves: rhbz#225229
|
||||
</description>
|
||||
<!--
|
||||
~~~~~~~~~~~~~~~~~~~~ advisory details ~~~~~~~~~~~~~~~~~~~
|
||||
-->
|
||||
<advisory>
|
||||
<severity>MODERATE</severity>
|
||||
<rights>Copyright 2007 Oracle, Inc.</rights>
|
||||
<issued date="2007-06-26"/>
|
||||
<cve href="http://linux.oracle.com/cve/CVE-2007-0493.html">CVE-2007-0493</cve>
|
||||
<cve href="http://linux.oracle.com/cve/CVE-2007-0494.html">CVE-2007-0494</cve>
|
||||
|
||||
</advisory>
|
||||
</metadata>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057001" comment="Oracle Linux 5 is installed"/>
|
||||
<criteria operator="OR">
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057002" comment="bind-devel is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057003" comment="bind-devel is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057004" comment="bind-sdb is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057005" comment="bind-sdb is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057006" comment="bind-libs is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057007" comment="bind-libs is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057008" comment="bind-libbind-devel is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057009" comment="bind-libbind-devel is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057010" comment="bind-utils is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057011" comment="bind-utils is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057012" comment="bind-chroot is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057013" comment="bind-chroot is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057014" comment="bind is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057015" comment="bind is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
<criteria operator="AND">
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057016" comment="caching-nameserver is earlier than 30:9.3.3-8.el5"/>
|
||||
<criterion test_ref="oval:com.oracle.elsa:tst:20070057017" comment="caching-nameserver is signed with the Oracle Linux 5 key"/>
|
||||
</criteria>
|
||||
</criteria>
|
||||
</criteria>
|
||||
|
||||
</definition>
|
||||
</definitions>
|
||||
<!--
|
||||
~~~~~~~~~~~~~~~~~~~~~ rpminfo tests ~~~~~~~~~~~~~~~~~~~~~
|
||||
-->
|
||||
<tests>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057001" version="501" comment="Oracle Linux 5 is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057001" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057002" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057002" version="501" comment="bind-devel is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057004" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057003" version="501" comment="bind-devel is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057004" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057004" version="501" comment="bind-sdb is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057005" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057005" version="501" comment="bind-sdb is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057005" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057006" version="501" comment="bind-libs is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057002" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057007" version="501" comment="bind-libs is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057002" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057008" version="501" comment="bind-libbind-devel is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057006" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057009" version="501" comment="bind-libbind-devel is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057006" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057010" version="501" comment="bind-utils is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057003" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057011" version="501" comment="bind-utils is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057003" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057012" version="501" comment="bind-chroot is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057007" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057013" version="501" comment="bind-chroot is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057007" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057014" version="501" comment="bind is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057008" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057015" version="501" comment="bind is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057008" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057016" version="501" comment="caching-nameserver is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057009" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
|
||||
</rpminfo_test>
|
||||
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057017" version="501" comment="caching-nameserver is signed with the Oracle Linux 5 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||||
<object object_ref="oval:com.oracle.elsa:obj:20070057009" />
|
||||
<state state_ref="oval:com.oracle.elsa:ste:20070057001" />
|
||||
</rpminfo_test>
|
||||
|
||||
</tests>
|
||||
<!--
|
||||
~~~~~~~~~~~~~~~~~~~~ rpminfo objects ~~~~~~~~~~~~~~~~~~~~
|
||||
-->
|
||||
<objects>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057005" version="501">
|
||||
<name>bind-sdb</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057007" version="501">
|
||||
<name>bind-chroot</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057004" version="501">
|
||||
<name>bind-devel</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057002" version="501">
|
||||
<name>bind-libs</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057008" version="501">
|
||||
<name>bind</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057001" version="501">
|
||||
<name>oraclelinux-release</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057009" version="501">
|
||||
<name>caching-nameserver</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057003" version="501">
|
||||
<name>bind-utils</name>
|
||||
</rpminfo_object>
|
||||
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057006" version="501">
|
||||
<name>bind-libbind-devel</name>
|
||||
</rpminfo_object>
|
||||
|
||||
</objects>
|
||||
<states>
|
||||
<!--
|
||||
~~~~~~~~~~~~~~~~~~~~ rpminfo states ~~~~~~~~~~~~~~~~~~~~~
|
||||
-->
|
||||
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057001" version="501"><signature_keyid operation="equals">66ced3de1e5e0159</signature_keyid>
|
||||
</rpminfo_state>
|
||||
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057002" version="501"><version operation="pattern match">^5</version>
|
||||
</rpminfo_state>
|
||||
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057003" version="501"><evr datatype="evr_string" operation="less than">30:9.3.3-8.el5</evr>
|
||||
</rpminfo_state>
|
||||
|
||||
</states>
|
||||
</oval_definitions>
|
0
oval/oracle/testdata/EOF.txt
vendored
Normal file
0
oval/oracle/testdata/EOF.txt
vendored
Normal file
BIN
oval/oracle/testdata/all-positive-data.xml.bz2
vendored
Normal file
BIN
oval/oracle/testdata/all-positive-data.xml.bz2
vendored
Normal file
Binary file not shown.
BIN
oval/oracle/testdata/broken-oval-data.xml.bz2
vendored
Normal file
BIN
oval/oracle/testdata/broken-oval-data.xml.bz2
vendored
Normal file
Binary file not shown.
BIN
oval/oracle/testdata/elsa-2018-1196-1.xml.bz2
vendored
Normal file
BIN
oval/oracle/testdata/elsa-2018-1196-1.xml.bz2
vendored
Normal file
Binary file not shown.
149
oval/oracle/testdata/golden/ELSA-2007-0057.json
vendored
Normal file
149
oval/oracle/testdata/golden/ELSA-2007-0057.json
vendored
Normal file
@ -0,0 +1,149 @@
|
||||
{
|
||||
"Title": "ELSA-2007-0057: Moderate: bind security update (MODERATE)",
|
||||
"Description": "[30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229",
|
||||
"Platform": [
|
||||
"Oracle Linux 5"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2007-0057.html",
|
||||
"ID": "ELSA-2007-0057"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2007-0493.html",
|
||||
"ID": "CVE-2007-0493"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2007-0494.html",
|
||||
"ID": "CVE-2007-0494"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-devel is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-sdb is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-sdb is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-libs is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-libs is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-libbind-devel is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-libbind-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-utils is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-utils is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind-chroot is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind-chroot is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "bind is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "bind is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "caching-nameserver is earlier than 30:9.3.3-8.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "caching-nameserver is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "MODERATE",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2007-0493.html",
|
||||
"ID": "CVE-2007-0493"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2007-0494.html",
|
||||
"ID": "CVE-2007-0494"
|
||||
}
|
||||
]
|
||||
}
|
125
oval/oracle/testdata/golden/ELSA-2008-0110.json
vendored
Normal file
125
oval/oracle/testdata/golden/ELSA-2008-0110.json
vendored
Normal file
@ -0,0 +1,125 @@
|
||||
{
|
||||
"Title": "ELSA-2008-0110: Moderate: openldap security update (MODERATE)",
|
||||
"Description": "[2.3.27-8.3]\n - better fix for CVE-2007-6698 (#431407), now it fixes also\n modrdn operations\n\n [2.3.27-8.2]\n - fix CVE-2007-6698 (#431407)",
|
||||
"Platform": [
|
||||
"Oracle Linux 5"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2008-0110.html",
|
||||
"ID": "ELSA-2008-0110"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2007-6698.html",
|
||||
"ID": "CVE-2007-6698"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2008-0658.html",
|
||||
"ID": "CVE-2008-0658"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "openldap-servers-sql is earlier than 0:2.3.27-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "openldap-servers-sql is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "openldap is earlier than 0:2.3.27-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "openldap is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "openldap-clients is earlier than 0:2.3.27-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "openldap-clients is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "openldap-devel is earlier than 0:2.3.27-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "openldap-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "compat-openldap is earlier than 0:2.3.27_2.2.29-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "compat-openldap is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "openldap-servers is earlier than 0:2.3.27-8.el5_1.3"
|
||||
},
|
||||
{
|
||||
"Comment": "openldap-servers is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "MODERATE",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2007-6698.html",
|
||||
"ID": "CVE-2007-6698"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2008-0658.html",
|
||||
"ID": "CVE-2008-0658"
|
||||
}
|
||||
]
|
||||
}
|
115
oval/oracle/testdata/golden/ELSA-2009-1203.json
vendored
Normal file
115
oval/oracle/testdata/golden/ELSA-2009-1203.json
vendored
Normal file
@ -0,0 +1,115 @@
|
||||
{
|
||||
"Title": "ELSA-2009-1203: subversion security update (IMPORTANT)",
|
||||
"Description": "[1.4.2-4.0.1.el5_3.1]\n- Add oracle-enterprise.patch\n\n[1.4.2-4.el5_3.1]\n- add security fix for CVE-2009-2411 (#515817)",
|
||||
"Platform": [
|
||||
"Oracle Linux 5"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2009-1203.html",
|
||||
"ID": "ELSA-2009-1203"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2009-2411.html",
|
||||
"ID": "CVE-2009-2411"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "subversion is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "subversion is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "subversion-devel is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "subversion-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "subversion-ruby is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "subversion-ruby is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "subversion-javahl is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "subversion-javahl is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "mod_dav_svn is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "mod_dav_svn is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "subversion-perl is earlier than 0:1.4.2-4.0.1.el5_3.1"
|
||||
},
|
||||
{
|
||||
"Comment": "subversion-perl is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2009-2411.html",
|
||||
"ID": "CVE-2009-2411"
|
||||
}
|
||||
]
|
||||
}
|
67
oval/oracle/testdata/golden/ELSA-2010-0809.json
vendored
Normal file
67
oval/oracle/testdata/golden/ELSA-2010-0809.json
vendored
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"Title": "ELSA-2010-0809: xulrunner security update (CRITICAL)",
|
||||
"Description": "[1.9.2.11-4.0.1.el5_5]\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\n RedHat one.\n\n[1.9.2.11-4.el5_5]\n- Add upstream patch for CVE-2010-3765",
|
||||
"Platform": [
|
||||
"Oracle Linux 5"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2010-0809.html",
|
||||
"ID": "ELSA-2010-0809"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2010-3765.html",
|
||||
"ID": "CVE-2010-3765"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner is earlier than 0:1.9.2.11-4.0.1.el5_5"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner-devel is earlier than 0:1.9.2.11-4.0.1.el5_5"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "CRITICAL",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2010-3765.html",
|
||||
"ID": "CVE-2010-3765"
|
||||
}
|
||||
]
|
||||
}
|
127
oval/oracle/testdata/golden/ELSA-2011-1268.json
vendored
Normal file
127
oval/oracle/testdata/golden/ELSA-2011-1268.json
vendored
Normal file
@ -0,0 +1,127 @@
|
||||
{
|
||||
"Title": "ELSA-2011-1268: firefox security update (IMPORTANT)",
|
||||
"Description": "firefox:\n\n[3.6.22-1.0.1.el6_1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones\n\n[3.6.22-1]\n- Update to 3.6.22\n\nxulrunner:\n\n[1.9.2.22-1.0.1.el6_1]\n- Replace xulrunner-redhat-default-prefs.js with\n xulrunner-oracle-default-prefs.js\n\n[- 1.9.2.22-1]\n- Update to 1.9.2.22",
|
||||
"Platform": [
|
||||
"Oracle Linux 5",
|
||||
"Oracle Linux 6"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2011-1268.html",
|
||||
"ID": "ELSA-2011-1268"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner is earlier than 0:1.9.2.22-1.0.1.el5_7"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "firefox is earlier than 0:3.6.22-1.0.1.el5_7"
|
||||
},
|
||||
{
|
||||
"Comment": "firefox is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner-devel is earlier than 0:1.9.2.22-1.0.1.el5_7"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner is earlier than 0:1.9.2.22-1.0.1.el6_1"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "firefox is earlier than 0:3.6.22-1.0.1.el6_1"
|
||||
},
|
||||
{
|
||||
"Comment": "firefox is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xulrunner-devel is earlier than 0:1.9.2.22-1.0.1.el6_1"
|
||||
},
|
||||
{
|
||||
"Comment": "xulrunner-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 6 is installed"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": null
|
||||
}
|
103
oval/oracle/testdata/golden/ELSA-2012-1261.json
vendored
Normal file
103
oval/oracle/testdata/golden/ELSA-2012-1261.json
vendored
Normal file
@ -0,0 +1,103 @@
|
||||
{
|
||||
"Title": "ELSA-2012-1261: dbus security update (MODERATE)",
|
||||
"Description": "[1:1.2.24-7.0.1.el6_3 ]\n- fix netlink poll: error 4 (Zhenzhong Duan)\n\n[1:1.2.24-7]\n- Resolves: #854821\n\n[1:1.2.24-6]\n- Apply patches for CVE-2011-2200\n- Resolves: #725314",
|
||||
"Platform": [
|
||||
"Oracle Linux 6"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2012-1261.html",
|
||||
"ID": "ELSA-2012-1261"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2012-3524.html",
|
||||
"ID": "CVE-2012-3524"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "dbus is earlier than 1:1.2.24-7.0.1.el6_3"
|
||||
},
|
||||
{
|
||||
"Comment": "dbus is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "dbus-devel is earlier than 1:1.2.24-7.0.1.el6_3"
|
||||
},
|
||||
{
|
||||
"Comment": "dbus-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "dbus-doc is earlier than 1:1.2.24-7.0.1.el6_3"
|
||||
},
|
||||
{
|
||||
"Comment": "dbus-doc is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "dbus-x11 is earlier than 1:1.2.24-7.0.1.el6_3"
|
||||
},
|
||||
{
|
||||
"Comment": "dbus-x11 is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "dbus-libs is earlier than 1:1.2.24-7.0.1.el6_3"
|
||||
},
|
||||
{
|
||||
"Comment": "dbus-libs is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 6 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "MODERATE",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2012-3524.html",
|
||||
"ID": "CVE-2012-3524"
|
||||
}
|
||||
]
|
||||
}
|
67
oval/oracle/testdata/golden/ELSA-2013-1732.json
vendored
Normal file
67
oval/oracle/testdata/golden/ELSA-2013-1732.json
vendored
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"Title": "ELSA-2013-1732: busybox security and bug fix update (LOW)",
|
||||
"Description": "[1:1.15.1-20]\n- Resolves: #855832\n 'Installation from NFS: That directory could not be mounted from the server'\n by switching NFS mount default from UDP to TCP.\n There was another place (in uclibc this time) which used UDP.\n\n[1:1.15.1-19]\n- Resolves: #1015010\n 'busybox: insecure directory permissions in /dev'\n\n[1:1.15.1-18]\n- Resolves: #855832\n 'Installation from NFS: That directory could not be mounted from the server'\n by switching NFS mount default from UDP to TCP.\n\n[1:1.15.1-17]\n- Resolves: #820097\n- 's390x: wc: : No such file or directory'",
|
||||
"Platform": [
|
||||
"Oracle Linux 6"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2013-1732.html",
|
||||
"ID": "ELSA-2013-1732"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2013-1813.html",
|
||||
"ID": "CVE-2013-1813"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "busybox is earlier than 1:1.15.1-20.el6"
|
||||
},
|
||||
{
|
||||
"Comment": "busybox is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "busybox-petitboot is earlier than 1:1.15.1-20.el6"
|
||||
},
|
||||
{
|
||||
"Comment": "busybox-petitboot is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 6 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "LOW",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2013-1813.html",
|
||||
"ID": "CVE-2013-1813"
|
||||
}
|
||||
]
|
||||
}
|
187
oval/oracle/testdata/golden/ELSA-2014-2010.json
vendored
Normal file
187
oval/oracle/testdata/golden/ELSA-2014-2010.json
vendored
Normal file
@ -0,0 +1,187 @@
|
||||
{
|
||||
"Title": "ELSA-2014-2010: kernel security update (IMPORTANT)",
|
||||
"Description": "[3.10.0-123.13.2]\n- Oracle Linux certificates (Alexey Petrenko)\n\n[3.10.0-123.13.2]\n- [x86] traps: stop using IST for #SS (Petr Matousek) [1172812 1172813] {CVE-2014-9322}",
|
||||
"Platform": [
|
||||
"Oracle Linux 7"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2014-2010.html",
|
||||
"ID": "ELSA-2014-2010"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2014-9322.html",
|
||||
"ID": "CVE-2014-9322"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "python-perf is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "python-perf is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-doc is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-doc is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-tools-libs-devel is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-tools-libs-devel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-devel is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-devel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-debug-devel is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-debug-devel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-debug is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-debug is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-tools-libs is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-tools-libs is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-tools is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-tools is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "perf is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "perf is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-headers is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-headers is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-abi-whitelists is earlier than 0:3.10.0-123.13.2.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-abi-whitelists is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 7 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2014-9322.html",
|
||||
"ID": "CVE-2014-9322"
|
||||
}
|
||||
]
|
||||
}
|
235
oval/oracle/testdata/golden/ELSA-2015-2561.json
vendored
Normal file
235
oval/oracle/testdata/golden/ELSA-2015-2561.json
vendored
Normal file
@ -0,0 +1,235 @@
|
||||
{
|
||||
"Title": "ELSA-2015-2561: git security update (MODERATE)",
|
||||
"Description": "[1.8.3.1-6]\n- fix arbitrary code execution via crafted URLs\n Resolves: #1274737",
|
||||
"Platform": [
|
||||
"Oracle Linux 7"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2015-2561.html",
|
||||
"ID": "ELSA-2015-2561"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2015-7545.html",
|
||||
"ID": "CVE-2015-7545"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "perl-Git is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "perl-Git is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-gui is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-gui is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-daemon is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-daemon is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-cvs is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-cvs is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-email is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-email is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "gitk is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "gitk is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-svn is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-svn is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-p4 is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-p4 is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-bzr is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-bzr is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "emacs-git is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "emacs-git is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "perl-Git-SVN is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "perl-Git-SVN is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-all is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-all is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "emacs-git-el is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "emacs-git-el is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "gitweb is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "gitweb is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "git-hg is earlier than 0:1.8.3.1-6.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "git-hg is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 7 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "MODERATE",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2015-7545.html",
|
||||
"ID": "CVE-2015-7545"
|
||||
}
|
||||
]
|
||||
}
|
270
oval/oracle/testdata/golden/ELSA-2016-3646.json
vendored
Normal file
270
oval/oracle/testdata/golden/ELSA-2016-3646.json
vendored
Normal file
@ -0,0 +1,270 @@
|
||||
{
|
||||
"Title": "ELSA-2016-3646: Unbreakable Enterprise kernel security update (IMPORTANT)",
|
||||
"Description": "[2.6.39-400.290.2]\n- aacraid: Check size values after double-fetch from user (Dave Carroll) [Orabug: 25060055] {CVE-2016-6480} {CVE-2016-6480}\n- audit: fix a double fetch in audit_log_single_execve_arg() (Paul Moore) [Orabug: 25059962] {CVE-2016-6136}\n- ecryptfs: don't allow mmap when the lower fs doesn't support it (Jeff Mahoney) [Orabug: 24971918] {CVE-2016-1583} {CVE-2016-1583}\n- ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt (Kangjie Lu) [Orabug: 25059900] {CVE-2016-4578}\n- ALSA: timer: Fix leak in events via snd_timer_user_ccallback (Kangjie Lu) [Orabug: 25059900] {CVE-2016-4578}\n- ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (Kangjie Lu) [Orabug: 25059755] {CVE-2016-4569}\n- Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (Jaganath Kanakkassery) [Orabug: 25058905] {CVE-2015-8956}\n- mm: migrate dirty page without clear_page_dirty_for_io etc (Hugh Dickins) [Orabug: 25059195] {CVE-2016-3070}",
|
||||
"Platform": [
|
||||
"Oracle Linux 5",
|
||||
"Oracle Linux 6"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2016-3646.html",
|
||||
"ID": "ELSA-2016-3646"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-1583.html",
|
||||
"ID": "CVE-2016-1583"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2015-8956.html",
|
||||
"ID": "CVE-2015-8956"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-4569.html",
|
||||
"ID": "CVE-2016-4569"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-4578.html",
|
||||
"ID": "CVE-2016-4578"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-6480.html",
|
||||
"ID": "CVE-2016-6480"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-3070.html",
|
||||
"ID": "CVE-2016-3070"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-6136.html",
|
||||
"ID": "CVE-2016-6136"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-doc is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.290.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-doc is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek is earlier than 0:2.6.39-400.290.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 6 is installed"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-1583.html",
|
||||
"ID": "CVE-2016-1583"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2015-8956.html",
|
||||
"ID": "CVE-2015-8956"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-4569.html",
|
||||
"ID": "CVE-2016-4569"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-4578.html",
|
||||
"ID": "CVE-2016-4578"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-6480.html",
|
||||
"ID": "CVE-2016-6480"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-3070.html",
|
||||
"ID": "CVE-2016-3070"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-6136.html",
|
||||
"ID": "CVE-2016-6136"
|
||||
}
|
||||
]
|
||||
}
|
250
oval/oracle/testdata/golden/ELSA-2017-3516.json
vendored
Normal file
250
oval/oracle/testdata/golden/ELSA-2017-3516.json
vendored
Normal file
@ -0,0 +1,250 @@
|
||||
{
|
||||
"Title": "ELSA-2017-3516: Unbreakable Enterprise kernel security update (IMPORTANT)",
|
||||
"Description": "[2.6.39-400.294.2]\n- vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] {CVE-2015-1420}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807]\n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}",
|
||||
"Platform": [
|
||||
"Oracle Linux 5",
|
||||
"Oracle Linux 6"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2017-3516.html",
|
||||
"ID": "ELSA-2017-3516"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-4485.html",
|
||||
"ID": "CVE-2016-4485"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-8646.html",
|
||||
"ID": "CVE-2016-8646"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2016-4482.html",
|
||||
"ID": "CVE-2016-4482"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2013-7446.html",
|
||||
"ID": "CVE-2013-7446"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2015-1420.html",
|
||||
"ID": "CVE-2015-1420"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-doc is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el5uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-firmware is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-devel is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-doc is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el6uek"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-uek-debug is signed with the Oracle Linux 6 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 6 is installed"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-4485.html",
|
||||
"ID": "CVE-2016-4485"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-8646.html",
|
||||
"ID": "CVE-2016-8646"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2016-4482.html",
|
||||
"ID": "CVE-2016-4482"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2013-7446.html",
|
||||
"ID": "CVE-2013-7446"
|
||||
},
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2015-1420.html",
|
||||
"ID": "CVE-2015-1420"
|
||||
}
|
||||
]
|
||||
}
|
259
oval/oracle/testdata/golden/ELSA-2018-1196-1.json
vendored
Normal file
259
oval/oracle/testdata/golden/ELSA-2018-1196-1.json
vendored
Normal file
@ -0,0 +1,259 @@
|
||||
{
|
||||
"Title": "ELSA-2018-1196-1: kernel security and bug fix update (IMPORTANT)",
|
||||
"Description": "kernel\n[2.6.18-419.0.0.0.10]\n- Backport CVE-2017-5715 to RHCK/OL5 [orabug 27787723]\n\n[2.6.18-419.0.0.0.9]\n- rebuild with retpoline compiler",
|
||||
"Platform": [
|
||||
"Oracle Linux 5"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2018-1196-1.html",
|
||||
"ID": "ELSA-2018-1196-1"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2017-5715.html",
|
||||
"ID": "CVE-2017-5715"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-PAE is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-PAE is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-PAE-devel is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-PAE-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-debug is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-debug is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-debug-devel is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-debug-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-devel is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-doc is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-doc is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-headers is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-headers is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-xen is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-xen is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "kernel-xen-devel is earlier than 0:2.6.18-419.0.0.0.10.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "kernel-xen-devel is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5 is earlier than 0:1.4.11-1.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5 is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5PAE is earlier than 0:1.4.11-1.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5PAE is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5debug is earlier than 0:1.4.11-1.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5debug is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5xen is earlier than 0:1.4.11-1.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "ocfs2-2.6.18-419.0.0.0.10.el5xen is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5 is earlier than 0:2.0.5-2.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5 is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5PAE is earlier than 0:2.0.5-2.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5PAE is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5debug is earlier than 0:2.0.5-2.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5debug is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5xen is earlier than 0:2.0.5-2.el5"
|
||||
},
|
||||
{
|
||||
"Comment": "oracleasm-2.6.18-419.0.0.0.10.el5xen is signed with the Oracle Linux 5 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 5 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2017-5715.html",
|
||||
"ID": "CVE-2017-5715"
|
||||
}
|
||||
]
|
||||
}
|
151
oval/oracle/testdata/golden/ELSA-2018-3410.json
vendored
Normal file
151
oval/oracle/testdata/golden/ELSA-2018-3410.json
vendored
Normal file
@ -0,0 +1,151 @@
|
||||
{
|
||||
"Title": "ELSA-2018-3410: xorg-x11-server security update (IMPORTANT)",
|
||||
"Description": "[1.20.1-5.1]\n- CVE-2018-14665: Disable -logfile and -modulepath when running with elevated\n privileges\n\n[1.20.1-5]\n- Call LeaveVT from xf86CrtcCloseScreen\n\n[1.20.1-4]\n- Hide the modesetting driver's atomic ioctl support behind Option 'Atomic'",
|
||||
"Platform": [
|
||||
"Oracle Linux 7"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2018-3410.html",
|
||||
"ID": "ELSA-2018-3410"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2018-14665.html",
|
||||
"ID": "CVE-2018-14665"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xdmx is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xdmx is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xephyr is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xephyr is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xnest is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xnest is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xorg is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xorg is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xvfb is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xvfb is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xwayland is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-Xwayland is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-common is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-common is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-devel is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-devel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "xorg-x11-server-source is earlier than 0:1.20.1-5.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "xorg-x11-server-source is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 7 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2018-14665.html",
|
||||
"ID": "CVE-2018-14665"
|
||||
}
|
||||
]
|
||||
}
|
235
oval/oracle/testdata/golden/ELSA-2019-4820.json
vendored
Normal file
235
oval/oracle/testdata/golden/ELSA-2019-4820.json
vendored
Normal file
File diff suppressed because one or more lines are too long
67
oval/oracle/testdata/golden/ELSA-2019-4821.json
vendored
Normal file
67
oval/oracle/testdata/golden/ELSA-2019-4821.json
vendored
Normal file
@ -0,0 +1,67 @@
|
||||
{
|
||||
"Title": "ELSA-2019-4821: sudo security update (IMPORTANT)",
|
||||
"Description": "[1.8.23-4.0.1]\n- Treat an ID of -1 as invalid since that means 'no change' [Orabug: 30421281] {CVE-2019-14287}\n- Add sudo_strtoid() tests for -1 and range errors. [Orabug: 30421281]",
|
||||
"Platform": [
|
||||
"Oracle Linux 7"
|
||||
],
|
||||
"References": [
|
||||
{
|
||||
"Source": "elsa",
|
||||
"URI": "http://linux.oracle.com/errata/ELSA-2019-4821.html",
|
||||
"ID": "ELSA-2019-4821"
|
||||
},
|
||||
{
|
||||
"Source": "CVE",
|
||||
"URI": "http://linux.oracle.com/cve/CVE-2019-14287.html",
|
||||
"ID": "CVE-2019-14287"
|
||||
}
|
||||
],
|
||||
"Criteria": {
|
||||
"Operator": "AND",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "OR",
|
||||
"Criterias": [
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "sudo is earlier than 0:1.8.23-4.0.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "sudo is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"Operator": "AND",
|
||||
"Criterias": null,
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "sudo-devel is earlier than 0:1.8.23-4.0.1.el7"
|
||||
},
|
||||
{
|
||||
"Comment": "sudo-devel is signed with the Oracle Linux 7 key"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"Criterions": null
|
||||
}
|
||||
],
|
||||
"Criterions": [
|
||||
{
|
||||
"Comment": "Oracle Linux 7 is installed"
|
||||
}
|
||||
]
|
||||
},
|
||||
"Severity": "IMPORTANT",
|
||||
"Cves": [
|
||||
{
|
||||
"Impact": "",
|
||||
"Href": "http://linux.oracle.com/cve/CVE-2019-14287.html",
|
||||
"ID": "CVE-2019-14287"
|
||||
}
|
||||
]
|
||||
}
|
BIN
oval/oracle/testdata/invalid-title-format.xml.bz2
vendored
Normal file
BIN
oval/oracle/testdata/invalid-title-format.xml.bz2
vendored
Normal file
Binary file not shown.
1
oval/oracle/testdata/invalid.txt
vendored
Normal file
1
oval/oracle/testdata/invalid.txt
vendored
Normal file
@ -0,0 +1 @@
|
||||
test
|
37
oval/oracle/types.go
Normal file
37
oval/oracle/types.go
Normal file
@ -0,0 +1,37 @@
|
||||
package oracle
|
||||
|
||||
type Oval struct {
|
||||
Definitions []Definition `xml:"definitions>definition"`
|
||||
}
|
||||
|
||||
type Definition struct {
|
||||
Title string `xml:"metadata>title"`
|
||||
Description string `xml:"metadata>description"`
|
||||
Platform []string `xml:"metadata>affected>platform"`
|
||||
References []Reference `xml:"metadata>reference"`
|
||||
Criteria Criteria `xml:"criteria"`
|
||||
Severity string `xml:"metadata>advisory>severity"`
|
||||
Cves []Cve `xml:"metadata>advisory>cve"`
|
||||
}
|
||||
|
||||
type Reference struct {
|
||||
Source string `xml:"source,attr"`
|
||||
URI string `xml:"ref_url,attr"`
|
||||
ID string `xml:"ref_id,attr"`
|
||||
}
|
||||
|
||||
type Cve struct {
|
||||
Impact string `xml:"impact,attr"`
|
||||
Href string `xml:"href,attr"`
|
||||
ID string `xml:",chardata"`
|
||||
}
|
||||
|
||||
type Criteria struct {
|
||||
Operator string `xml:"operator,attr"`
|
||||
Criterias []*Criteria `xml:"criteria"`
|
||||
Criterions []Criterion `xml:"criterion"`
|
||||
}
|
||||
|
||||
type Criterion struct {
|
||||
Comment string `xml:"comment,attr"`
|
||||
}
|
192
oval/oracle/types_test.go
Normal file
192
oval/oracle/types_test.go
Normal file
@ -0,0 +1,192 @@
|
||||
package oracle_test
|
||||
|
||||
import (
|
||||
"encoding/xml"
|
||||
"io/ioutil"
|
||||
"testing"
|
||||
|
||||
"github.com/aquasecurity/vuln-list-update/oval/oracle"
|
||||
"github.com/kylelemons/godebug/pretty"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
|
||||
tests := map[string]struct {
|
||||
in string
|
||||
want *oracle.Oval
|
||||
}{
|
||||
"nested_criterias_elsa_data": {
|
||||
// https://linux.oracle.com/oval/com.oracle.elsa-20070057.xml
|
||||
in: "testdata/ELSA-2007-0057.xml",
|
||||
want: &oracle.Oval{
|
||||
Definitions: []oracle.Definition{
|
||||
{
|
||||
Title: "\nELSA-2007-0057: Moderate: bind security update (MODERATE)\n",
|
||||
Description: "\n [30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229 \n",
|
||||
Platform: []string{"Oracle Linux 5"},
|
||||
References: []oracle.Reference{
|
||||
{
|
||||
Source: "elsa",
|
||||
URI: "http://linux.oracle.com/errata/ELSA-2007-0057.html",
|
||||
ID: "ELSA-2007-0057",
|
||||
},
|
||||
{
|
||||
Source: "CVE",
|
||||
URI: "http://linux.oracle.com/cve/CVE-2007-0493.html",
|
||||
ID: "CVE-2007-0493",
|
||||
},
|
||||
{
|
||||
Source: "CVE",
|
||||
URI: "http://linux.oracle.com/cve/CVE-2007-0494.html",
|
||||
ID: "CVE-2007-0494",
|
||||
},
|
||||
},
|
||||
Criteria: oracle.Criteria{
|
||||
Operator: "AND",
|
||||
Criterias: []*oracle.Criteria{
|
||||
{
|
||||
Operator: "OR",
|
||||
Criterias: []*oracle.Criteria{
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-devel is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-devel is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-sdb is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-sdb is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-libs is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-libs is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-libbind-devel is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-libbind-devel is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-utils is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-utils is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind-chroot is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind-chroot is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "bind is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "bind is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Operator: "AND",
|
||||
Criterias: nil,
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "caching-nameserver is earlier than 30:9.3.3-8.el5",
|
||||
},
|
||||
{
|
||||
Comment: "caching-nameserver is signed with the Oracle Linux 5 key",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Criterions: nil,
|
||||
},
|
||||
},
|
||||
Criterions: []oracle.Criterion{
|
||||
{
|
||||
Comment: "Oracle Linux 5 is installed",
|
||||
},
|
||||
},
|
||||
},
|
||||
Severity: "MODERATE",
|
||||
Cves: []oracle.Cve{
|
||||
{
|
||||
Impact: "",
|
||||
Href: "http://linux.oracle.com/cve/CVE-2007-0493.html",
|
||||
ID: "CVE-2007-0493",
|
||||
},
|
||||
{
|
||||
Impact: "",
|
||||
Href: "http://linux.oracle.com/cve/CVE-2007-0494.html",
|
||||
ID: "CVE-2007-0494",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
for testname, tt := range tests {
|
||||
t.Run(testname, func(t *testing.T) {
|
||||
xmlByte, err := ioutil.ReadFile(tt.in)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
got := &oracle.Oval{}
|
||||
err = xml.Unmarshal(xmlByte, got)
|
||||
if err != nil {
|
||||
require.NoError(t, err)
|
||||
}
|
||||
if !assert.Equal(t, got, tt.want) {
|
||||
t.Errorf("[%s]\n diff: %s", testname, pretty.Compare(got, tt.want))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user