<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd">
<generator>
<oval:product_name>Oracle Errata System</oval:product_name>
<oval:product_version>Oracle Linux</oval:product_version>
<oval:schema_version>5.3</oval:schema_version>
<oval:timestamp>2018-10-12T00:00:00</oval:timestamp>
</generator>
<definitions>
<definition id="oval:com.oracle.elsa:def:20070057" version="501" class="patch">
<metadata>
<title>
ELSA-2007-0057:  Moderate: bind security update  (MODERATE)
</title>
<affected family="unix">
<platform>Oracle Linux 5</platform>

</affected>
<reference source="elsa" ref_id="ELSA-2007-0057" ref_url="http://linux.oracle.com/errata/ELSA-2007-0057.html"/>
<reference source="CVE" ref_id="CVE-2007-0493" ref_url="http://linux.oracle.com/cve/CVE-2007-0493.html"/>
<reference source="CVE" ref_id="CVE-2007-0494" ref_url="http://linux.oracle.com/cve/CVE-2007-0494.html"/>

<description>
 [30:9.3.3-8]
 - added fix for #224445 - CVE-2007-0493 BIND might crash after
   attempting to read free()-ed memory
 - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service
 - Resolves: rhbz#224445
 - Resolves: rhbz#225229
</description>
<!--
 ~~~~~~~~~~~~~~~~~~~~   advisory details   ~~~~~~~~~~~~~~~~~~~
-->
<advisory>
<severity>MODERATE</severity>
<rights>Copyright 2007 Oracle, Inc.</rights>
<issued date="2007-06-26"/>
<cve href="http://linux.oracle.com/cve/CVE-2007-0493.html">CVE-2007-0493</cve>
<cve href="http://linux.oracle.com/cve/CVE-2007-0494.html">CVE-2007-0494</cve>

</advisory>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057001" comment="Oracle Linux 5 is installed"/>
<criteria operator="OR">
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057002" comment="bind-devel is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057003" comment="bind-devel is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057004" comment="bind-sdb is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057005" comment="bind-sdb is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057006" comment="bind-libs is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057007" comment="bind-libs is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057008" comment="bind-libbind-devel is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057009" comment="bind-libbind-devel is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057010" comment="bind-utils is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057011" comment="bind-utils is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057012" comment="bind-chroot is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057013" comment="bind-chroot is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057014" comment="bind is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057015" comment="bind is signed with the Oracle Linux 5 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20070057016" comment="caching-nameserver is earlier than 30:9.3.3-8.el5"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20070057017" comment="caching-nameserver is signed with the Oracle Linux 5 key"/>
</criteria>
</criteria>
</criteria>

</definition>
<definition id="oval:com.oracle.elsa:def:20184250" version="501" class="patch">
<metadata>
<title>
ELSA-2018-4250: Unbreakable Enterprise kernel security update (IMPORTANT)
</title>
<affected family="unix">
<platform>Oracle Linux 6</platform>

</affected>
<reference source="elsa" ref_id="ELSA-2018-4250" ref_url="http://linux.oracle.com/errata/ELSA-2018-4250.html"/>
<reference source="CVE" ref_id="CVE-2018-7566" ref_url="http://linux.oracle.com/cve/CVE-2018-7566.html"/>
<reference source="CVE" ref_id="CVE-2017-13695" ref_url="http://linux.oracle.com/cve/CVE-2017-13695.html"/>
<reference source="CVE" ref_id="CVE-2018-16658" ref_url="http://linux.oracle.com/cve/CVE-2018-16658.html"/>
<reference source="CVE" ref_id="CVE-2018-7492" ref_url="http://linux.oracle.com/cve/CVE-2018-7492.html"/>

<description>
[2.6.39-400.302.2]
- Revert 'Fix up non-directory creation in SGID directories' (Brian Maly)  [Orabug: 28781234]

[2.6.39-400.302.1]
- Fix up non-directory creation in SGID directories (Linus Torvalds)  [Orabug: 28459479]  {CVE-2018-13405}
- ALSA: seq: Make ioctls race-free (Takashi Iwai)  [Orabug: 28459730]  {CVE-2018-7566}
- rds: CVE-2018-7492: Fix NULL pointer dereference in __rds_rdma_map (Hakon Bugge)  [Orabug: 28539910]  {CVE-2018-7492}
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott Bauer)  [Orabug: 28664549]  {CVE-2018-16658}
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Seunghun Han)  [Orabug: 28664580]  {CVE-2017-13695}
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook)  [Orabug: 28710024]  {CVE-2018-14634}
</description>
<!--
 ~~~~~~~~~~~~~~~~~~~~   advisory details   ~~~~~~~~~~~~~~~~~~~
-->
<advisory>
<severity>IMPORTANT</severity>
<rights>Copyright 2018 Oracle, Inc.</rights>
<issued date="2018-10-12"/>
<cve href="http://linux.oracle.com/cve/CVE-2018-7566.html">CVE-2018-7566</cve>
<cve href="http://linux.oracle.com/cve/CVE-2017-13695.html">CVE-2017-13695</cve>
<cve href="http://linux.oracle.com/cve/CVE-2018-16658.html">CVE-2018-16658</cve>
<cve href="http://linux.oracle.com/cve/CVE-2018-7492.html">CVE-2018-7492</cve>

</advisory>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250001" comment="Oracle Linux 6 is installed"/>
<criteria operator="OR">
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250002" comment="kernel-uek is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250003" comment="kernel-uek is signed with the Oracle Linux 6 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250004" comment="kernel-uek-debug is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250005" comment="kernel-uek-debug is signed with the Oracle Linux 6 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250006" comment="kernel-uek-debug-devel is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250007" comment="kernel-uek-debug-devel is signed with the Oracle Linux 6 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250008" comment="kernel-uek-devel is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250009" comment="kernel-uek-devel is signed with the Oracle Linux 6 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250010" comment="kernel-uek-doc is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250011" comment="kernel-uek-doc is signed with the Oracle Linux 6 key"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:20184250012" comment="kernel-uek-firmware is earlier than 0:2.6.39-400.302.2.el6uek"/>
<criterion test_ref="oval:com.oracle.elsa:tst:20184250013" comment="kernel-uek-firmware is signed with the Oracle Linux 6 key"/>
</criteria>
</criteria>
</criteria>

</definition>
</definitions>
<tests>
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057001"  version="501" comment="Oracle Linux 5 is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:20070057001" />
<state state_ref="oval:com.oracle.elsa:ste:20070057002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:20070057002"  version="501" comment="bind-devel is earlier than 30:9.3.3-8.el5" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:20070057004" />
<state state_ref="oval:com.oracle.elsa:ste:20070057003" />
</rpminfo_test>
</tests>
<objects>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057005" version="501">
<name>bind-sdb</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:20070057007" version="501">
<name>bind-chroot</name>
</rpminfo_object>
</objects>
<states>
<!--
 ~~~~~~~~~~~~~~~~~~~~   rpminfo states   ~~~~~~~~~~~~~~~~~~~~~
-->
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057001" version="501"><signature_keyid operation="equals">66ced3de1e5e0159</signature_keyid>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057002" version="501"><version operation="pattern match">^5</version>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070057003" version="501"><evr datatype="evr_string" operation="less than">30:9.3.3-8.el5</evr>
</rpminfo_state>
<!--
 ~~~~~~~~~~~~~~~~~~~~   rpminfo states   ~~~~~~~~~~~~~~~~~~~~~
-->
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070066001" version="501"><signature_keyid operation="equals">66ced3de1e5e0159</signature_keyid>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070066002" version="501"><version operation="pattern match">^5</version>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:20070066003" version="501"><evr datatype="evr_string" operation="less than">0:0.99.5-1.el5.0.1</evr>
</rpminfo_state>
</states>
</oval_definitions>
