155 lines
9.9 KiB
XML
155 lines
9.9 KiB
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
|
||
|
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd">
|
||
|
<generator>
|
||
|
<oval:product_name>Red Hat Errata System</oval:product_name>
|
||
|
<oval:schema_version>5.10.1</oval:schema_version>
|
||
|
<oval:timestamp>2015-06-29T12:11:23</oval:timestamp>
|
||
|
</generator>
|
||
|
|
||
|
<definitions>
|
||
|
<definition id="oval:com.redhat.rhsa:def:20151193" version="601" class="patch">
|
||
|
<metadata>
|
||
|
<title>RHSA-2015:1193: xerces-c security update (Moderate)</title>
|
||
|
<affected family="unix">
|
||
|
<platform>Red Hat Enterprise Linux 7</platform>
|
||
|
</affected>
|
||
|
<reference source="RHSA" ref_id="RHSA-2015:1193-00" ref_url="https://rhn.redhat.com/errata/RHSA-2015-1193.html"/>
|
||
|
<reference source="CVE" ref_id="CVE-2015-0252" ref_url="https://access.redhat.com/security/cve/CVE-2015-0252"/>
|
||
|
<description>Xerces-C is a validating XML parser written in a portable subset of C++.
|
||
|
|
||
|
A flaw was found in the way the Xerces-C XML parser processed certain XML
|
||
|
documents. A remote attacker could provide specially crafted XML input
|
||
|
that, when parsed by an application using Xerces-C, would cause that
|
||
|
application to crash.</description>
|
||
|
|
||
|
<!-- ~~~~~~~~~~~~~~~~~~~~ advisory details ~~~~~~~~~~~~~~~~~~~ -->
|
||
|
|
||
|
<advisory from="secalert@redhat.com">
|
||
|
<severity>Moderate</severity>
|
||
|
<rights>Copyright 2015 Red Hat, Inc.</rights>
|
||
|
<issued date="2015-06-29"/>
|
||
|
<updated date="2015-06-29"/>
|
||
|
<cve href="https://access.redhat.com/security/cve/CVE-2015-0252">CVE-2015-0252</cve>
|
||
|
<bugzilla href="https://bugzilla.redhat.com/1199103" id="1199103">CVE-2015-0252 xerces-c: crashes on malformed input</bugzilla>
|
||
|
<affected_cpe_list>
|
||
|
<cpe>cpe:/o:redhat:enterprise_linux:7</cpe>
|
||
|
</affected_cpe_list>
|
||
|
</advisory>
|
||
|
</metadata>
|
||
|
<criteria operator="AND">
|
||
|
|
||
|
<criteria operator="OR">
|
||
|
<criterion test_ref="oval:com.redhat.rhsa:tst:20151193001" comment="Red Hat Enterprise Linux 7 Client is installed" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193002" comment="Red Hat Enterprise Linux 7 Server is installed" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193003" comment="Red Hat Enterprise Linux 7 Workstation is installed" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193004" comment="Red Hat Enterprise Linux 7 ComputeNode is installed" />
|
||
|
|
||
|
</criteria>
|
||
|
<criteria operator="OR">
|
||
|
|
||
|
<criteria operator="AND">
|
||
|
<criterion test_ref="oval:com.redhat.rhsa:tst:20151193005" comment="xerces-c is earlier than 0:3.1.1-7.el7_1" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193006" comment="xerces-c is signed with Red Hat redhatrelease2 key" />
|
||
|
|
||
|
</criteria>
|
||
|
<criteria operator="AND">
|
||
|
<criterion test_ref="oval:com.redhat.rhsa:tst:20151193007" comment="xerces-c-devel is earlier than 0:3.1.1-7.el7_1" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193008" comment="xerces-c-devel is signed with Red Hat redhatrelease2 key" />
|
||
|
|
||
|
</criteria>
|
||
|
<criteria operator="AND">
|
||
|
<criterion test_ref="oval:com.redhat.rhsa:tst:20151193009" comment="xerces-c-doc is earlier than 0:3.1.1-7.el7_1" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193010" comment="xerces-c-doc is signed with Red Hat redhatrelease2 key" />
|
||
|
|
||
|
</criteria>
|
||
|
<criteria operator="AND">
|
||
|
<criterion test_ref="oval:com.redhat.rhsa:tst:20151193009" comment="xerces-c-x is earlier than invalid version" /><criterion test_ref="oval:com.redhat.rhsa:tst:20151193010" comment="xerces-c-doc is signed with Red Hat redhatrelease2 key" />
|
||
|
|
||
|
</criteria>
|
||
|
|
||
|
</criteria>
|
||
|
|
||
|
</criteria>
|
||
|
|
||
|
</definition>
|
||
|
</definitions>
|
||
|
<tests>
|
||
|
<!-- ~~~~~~~~~~~~~~~~~~~~~ rpminfo tests ~~~~~~~~~~~~~~~~~~~~~ -->
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193001" version="601" comment="Red Hat Enterprise Linux 7 Client is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193001" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193002" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193002" version="601" comment="Red Hat Enterprise Linux 7 Server is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193002" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193002" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193003" version="601" comment="Red Hat Enterprise Linux 7 Workstation is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193003" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193002" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193004" version="601" comment="Red Hat Enterprise Linux 7 ComputeNode is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193004" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193002" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193005" version="601" comment="xerces-c is earlier than 0:3.1.1-7.el7_1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193005" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193003" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193006" version="601" comment="xerces-c is signed with Red Hat redhatrelease2 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193005" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193001" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193007" version="601" comment="xerces-c-devel is earlier than 0:3.1.1-7.el7_1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193006" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193003" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193008" version="601" comment="xerces-c-devel is signed with Red Hat redhatrelease2 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193006" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193001" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193009" version="601" comment="xerces-c-doc is earlier than 0:3.1.1-7.el7_1" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193007" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193003" />
|
||
|
</rpminfo_test>
|
||
|
<rpminfo_test id="oval:com.redhat.rhsa:tst:20151193010" version="601" comment="xerces-c-doc is signed with Red Hat redhatrelease2 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<object object_ref="oval:com.redhat.rhsa:obj:20151193007" />
|
||
|
<state state_ref="oval:com.redhat.rhsa:ste:20151193001" />
|
||
|
</rpminfo_test>
|
||
|
|
||
|
</tests>
|
||
|
|
||
|
<objects>
|
||
|
<!-- ~~~~~~~~~~~~~~~~~~~~ rpminfo objects ~~~~~~~~~~~~~~~~~~~~ -->
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193001" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>redhat-release-client</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193004" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>redhat-release-computenode</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193002" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>redhat-release-server</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193003" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>redhat-release-workstation</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193005" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>xerces-c</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193006" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>xerces-c-devel</name>
|
||
|
</rpminfo_object>
|
||
|
<rpminfo_object id="oval:com.redhat.rhsa:obj:20151193007" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<name>xerces-c-doc</name>
|
||
|
</rpminfo_object>
|
||
|
|
||
|
</objects>
|
||
|
<states>
|
||
|
<!-- ~~~~~~~~~~~~~~~~~~~~ rpminfo states ~~~~~~~~~~~~~~~~~~~~~ -->
|
||
|
<rpminfo_state id="oval:com.redhat.rhsa:ste:20151193001" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<signature_keyid operation="equals">199e2f91fd431d51</signature_keyid>
|
||
|
</rpminfo_state>
|
||
|
<rpminfo_state id="oval:com.redhat.rhsa:ste:20151193002" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<version operation="pattern match">^7[^\d]</version>
|
||
|
</rpminfo_state>
|
||
|
<rpminfo_state id="oval:com.redhat.rhsa:ste:20151193003" version="601" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
|
||
|
<evr datatype="evr_string" operation="less than">0:3.1.1-7.el7_1</evr>
|
||
|
</rpminfo_state>
|
||
|
|
||
|
</states>
|
||
|
</oval_definitions>
|