github.com/quay/claircore@v1.5.28/rhel/testdata/rhel-8-rpm-unpatched.xml (about) 1 <?xml version="1.0" encoding="utf-8"?> 2 <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd"> 3 <generator> 4 <oval:product_name>Red Hat OVAL Patch Definition Merger</oval:product_name> 5 <oval:product_version>3</oval:product_version> 6 <oval:schema_version>5.10</oval:schema_version> 7 <oval:timestamp>2022-06-02T08:52:56</oval:timestamp> 8 <oval:content_version>1654159976</oval:content_version> 9 </generator> 10 <definitions> 11 <definition class="vulnerability" id="oval:com.redhat.cve:def:202135937" version="636"> 12 <metadata> 13 <title>CVE-2021-35937 rpm: TOCTOU race in checks for unsafe symlinks (moderate)</title> 14 <reference ref_id="CVE-2021-35937" ref_url="https://access.redhat.com/security/cve/CVE-2021-35937" source="CVE"/> 15 <description>DOCUMENTATION: A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 16 STATEMENT: System and service accounts may have the required permissions to exploit this flaw. Conversely, regular user accounts should not be allowed to manipulate RPM artifacts during installation, thus reducing the attack surface and hence the impact of this flaw considerably. 17 MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.</description> 18 <advisory from="secalert@redhat.com"> 19 <severity>Moderate</severity> 20 <updated date="2022-05-12"/> 21 <cve cvss3="6.3/CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H" cwe="(CWE-59|CWE-367)" href="https://access.redhat.com/security/cve/CVE-2021-35937" impact="moderate" public="20210630">CVE-2021-35937</cve> 22 <affected> 23 <resolution state="Affected"> 24 <component>python3-rpm</component> 25 <component>rpm</component> 26 <component>rpm-apidocs</component> 27 <component>rpm-build</component> 28 <component>rpm-build-libs</component> 29 <component>rpm-cron</component> 30 <component>rpm-debugsource</component> 31 <component>rpm-devel</component> 32 <component>rpm-libs</component> 33 <component>rpm-plugin-fapolicyd</component> 34 <component>rpm-plugin-ima</component> 35 <component>rpm-plugin-prioreset</component> 36 <component>rpm-plugin-selinux</component> 37 <component>rpm-plugin-syslog</component> 38 <component>rpm-plugin-systemd-inhibit</component> 39 <component>rpm-sign</component> 40 </resolution> 41 </affected> 42 <affected_cpe_list> 43 <cpe>cpe:/a:redhat:enterprise_linux:8</cpe> 44 <cpe>cpe:/a:redhat:enterprise_linux:8::appstream</cpe> 45 <cpe>cpe:/a:redhat:enterprise_linux:8::crb</cpe> 46 <cpe>cpe:/a:redhat:enterprise_linux:8::highavailability</cpe> 47 <cpe>cpe:/a:redhat:enterprise_linux:8::nfv</cpe> 48 <cpe>cpe:/a:redhat:enterprise_linux:8::realtime</cpe> 49 <cpe>cpe:/a:redhat:enterprise_linux:8::resilientstorage</cpe> 50 <cpe>cpe:/a:redhat:enterprise_linux:8::sap</cpe> 51 <cpe>cpe:/a:redhat:enterprise_linux:8::sap_hana</cpe> 52 <cpe>cpe:/a:redhat:enterprise_linux:8::supplementary</cpe> 53 <cpe>cpe:/o:redhat:enterprise_linux:8</cpe> 54 <cpe>cpe:/o:redhat:enterprise_linux:8::baseos</cpe> 55 </affected_cpe_list> 56 </advisory> 57 </metadata> 58 <criteria operator="OR"> 59 <criterion comment="Red Hat Enterprise Linux must be installed" test_ref="oval:com.redhat.cve:tst:20052541004"/> 60 <criteria operator="AND"> 61 <criterion comment="Red Hat Enterprise Linux 8 is installed" test_ref="oval:com.redhat.cve:tst:20052541003"/> 62 <criteria operator="OR"> 63 <criteria operator="AND"> 64 <criterion comment="rpm-build-libs is installed" test_ref="oval:com.redhat.cve:tst:202135937001"/> 65 <criterion comment="rpm-build-libs is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937002"/> 66 </criteria> 67 <criteria operator="AND"> 68 <criterion comment="rpm-libs is installed" test_ref="oval:com.redhat.cve:tst:202135937003"/> 69 <criterion comment="rpm-libs is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937004"/> 70 </criteria> 71 <criteria operator="AND"> 72 <criterion comment="rpm-cron is installed" test_ref="oval:com.redhat.cve:tst:202135937005"/> 73 <criterion comment="rpm-cron is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937006"/> 74 </criteria> 75 <criteria operator="AND"> 76 <criterion comment="rpm-devel is installed" test_ref="oval:com.redhat.cve:tst:202135937007"/> 77 <criterion comment="rpm-devel is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937008"/> 78 </criteria> 79 <criteria operator="AND"> 80 <criterion comment="rpm-plugin-prioreset is installed" test_ref="oval:com.redhat.cve:tst:202135937009"/> 81 <criterion comment="rpm-plugin-prioreset is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937010"/> 82 </criteria> 83 <criteria operator="AND"> 84 <criterion comment="rpm-plugin-syslog is installed" test_ref="oval:com.redhat.cve:tst:202135937011"/> 85 <criterion comment="rpm-plugin-syslog is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937012"/> 86 </criteria> 87 <criteria operator="AND"> 88 <criterion comment="rpm-plugin-ima is installed" test_ref="oval:com.redhat.cve:tst:202135937013"/> 89 <criterion comment="rpm-plugin-ima is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937014"/> 90 </criteria> 91 <criteria operator="AND"> 92 <criterion comment="rpm-apidocs is installed" test_ref="oval:com.redhat.cve:tst:202135937015"/> 93 <criterion comment="rpm-apidocs is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937016"/> 94 </criteria> 95 <criteria operator="AND"> 96 <criterion comment="rpm-build is installed" test_ref="oval:com.redhat.cve:tst:202135937017"/> 97 <criterion comment="rpm-build is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937018"/> 98 </criteria> 99 <criteria operator="AND"> 100 <criterion comment="python3-rpm is installed" test_ref="oval:com.redhat.cve:tst:202135937019"/> 101 <criterion comment="python3-rpm is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937020"/> 102 </criteria> 103 <criteria operator="AND"> 104 <criterion comment="rpm is installed" test_ref="oval:com.redhat.cve:tst:202135937021"/> 105 <criterion comment="rpm is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937022"/> 106 </criteria> 107 <criteria operator="AND"> 108 <criterion comment="rpm-debugsource is installed" test_ref="oval:com.redhat.cve:tst:202135937023"/> 109 <criterion comment="rpm-debugsource is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937024"/> 110 </criteria> 111 <criteria operator="AND"> 112 <criterion comment="rpm-plugin-systemd-inhibit is installed" test_ref="oval:com.redhat.cve:tst:202135937025"/> 113 <criterion comment="rpm-plugin-systemd-inhibit is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937026"/> 114 </criteria> 115 <criteria operator="AND"> 116 <criterion comment="rpm-sign is installed" test_ref="oval:com.redhat.cve:tst:202135937027"/> 117 <criterion comment="rpm-sign is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937028"/> 118 </criteria> 119 <criteria operator="AND"> 120 <criterion comment="rpm-plugin-selinux is installed" test_ref="oval:com.redhat.cve:tst:202135937029"/> 121 <criterion comment="rpm-plugin-selinux is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937030"/> 122 </criteria> 123 <criteria operator="AND"> 124 <criterion comment="rpm-plugin-fapolicyd is installed" test_ref="oval:com.redhat.cve:tst:202135937031"/> 125 <criterion comment="rpm-plugin-fapolicyd is signed with Red Hat redhatrelease2 key" test_ref="oval:com.redhat.cve:tst:202135937032"/> 126 </criteria> 127 </criteria> 128 </criteria> 129 </criteria> 130 </definition> 131 </definitions> 132 <tests> 133 <red-def:rpmverifyfile_test check="none satisfy" comment="Red Hat Enterprise Linux must be installed" id="oval:com.redhat.cve:tst:20052541004" version="636"> 134 <red-def:object object_ref="oval:com.redhat.cve:obj:20052541002"/> 135 <red-def:state state_ref="oval:com.redhat.cve:ste:20052541003"/> 136 </red-def:rpmverifyfile_test> 137 <red-def:rpmverifyfile_test check="at least one" comment="Red Hat Enterprise Linux 8 is installed" id="oval:com.redhat.cve:tst:20052541003" version="636"> 138 <red-def:object object_ref="oval:com.redhat.cve:obj:20052541002"/> 139 <red-def:state state_ref="oval:com.redhat.cve:ste:20052541002"/> 140 </red-def:rpmverifyfile_test> 141 <red-def:rpminfo_test check="at least one" comment="rpm-build-libs is installed" id="oval:com.redhat.cve:tst:202135937001" version="636"> 142 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937001"/> 143 </red-def:rpminfo_test> 144 <red-def:rpminfo_test check="at least one" comment="rpm-build-libs is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937002" version="636"> 145 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937001"/> 146 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 147 </red-def:rpminfo_test> 148 <red-def:rpminfo_test check="at least one" comment="rpm-libs is installed" id="oval:com.redhat.cve:tst:202135937003" version="636"> 149 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937002"/> 150 </red-def:rpminfo_test> 151 <red-def:rpminfo_test check="at least one" comment="rpm-libs is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937004" version="636"> 152 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937002"/> 153 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 154 </red-def:rpminfo_test> 155 <red-def:rpminfo_test check="at least one" comment="rpm-cron is installed" id="oval:com.redhat.cve:tst:202135937005" version="636"> 156 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937003"/> 157 </red-def:rpminfo_test> 158 <red-def:rpminfo_test check="at least one" comment="rpm-cron is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937006" version="636"> 159 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937003"/> 160 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 161 </red-def:rpminfo_test> 162 <red-def:rpminfo_test check="at least one" comment="rpm-devel is installed" id="oval:com.redhat.cve:tst:202135937007" version="636"> 163 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937004"/> 164 </red-def:rpminfo_test> 165 <red-def:rpminfo_test check="at least one" comment="rpm-devel is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937008" version="636"> 166 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937004"/> 167 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 168 </red-def:rpminfo_test> 169 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-prioreset is installed" id="oval:com.redhat.cve:tst:202135937009" version="636"> 170 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937005"/> 171 </red-def:rpminfo_test> 172 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-prioreset is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937010" version="636"> 173 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937005"/> 174 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 175 </red-def:rpminfo_test> 176 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-syslog is installed" id="oval:com.redhat.cve:tst:202135937011" version="636"> 177 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937006"/> 178 </red-def:rpminfo_test> 179 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-syslog is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937012" version="636"> 180 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937006"/> 181 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 182 </red-def:rpminfo_test> 183 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-ima is installed" id="oval:com.redhat.cve:tst:202135937013" version="636"> 184 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937007"/> 185 </red-def:rpminfo_test> 186 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-ima is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937014" version="636"> 187 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937007"/> 188 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 189 </red-def:rpminfo_test> 190 <red-def:rpminfo_test check="at least one" comment="rpm-apidocs is installed" id="oval:com.redhat.cve:tst:202135937015" version="636"> 191 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937008"/> 192 </red-def:rpminfo_test> 193 <red-def:rpminfo_test check="at least one" comment="rpm-apidocs is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937016" version="636"> 194 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937008"/> 195 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 196 </red-def:rpminfo_test> 197 <red-def:rpminfo_test check="at least one" comment="rpm-build is installed" id="oval:com.redhat.cve:tst:202135937017" version="636"> 198 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937009"/> 199 </red-def:rpminfo_test> 200 <red-def:rpminfo_test check="at least one" comment="rpm-build is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937018" version="636"> 201 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937009"/> 202 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 203 </red-def:rpminfo_test> 204 <red-def:rpminfo_test check="at least one" comment="python3-rpm is installed" id="oval:com.redhat.cve:tst:202135937019" version="636"> 205 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937010"/> 206 </red-def:rpminfo_test> 207 <red-def:rpminfo_test check="at least one" comment="python3-rpm is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937020" version="636"> 208 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937010"/> 209 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 210 </red-def:rpminfo_test> 211 <red-def:rpminfo_test check="at least one" comment="rpm is installed" id="oval:com.redhat.cve:tst:202135937021" version="636"> 212 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937011"/> 213 </red-def:rpminfo_test> 214 <red-def:rpminfo_test check="at least one" comment="rpm is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937022" version="636"> 215 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937011"/> 216 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 217 </red-def:rpminfo_test> 218 <red-def:rpminfo_test check="at least one" comment="rpm-debugsource is installed" id="oval:com.redhat.cve:tst:202135937023" version="636"> 219 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937012"/> 220 </red-def:rpminfo_test> 221 <red-def:rpminfo_test check="at least one" comment="rpm-debugsource is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937024" version="636"> 222 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937012"/> 223 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 224 </red-def:rpminfo_test> 225 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-systemd-inhibit is installed" id="oval:com.redhat.cve:tst:202135937025" version="636"> 226 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937013"/> 227 </red-def:rpminfo_test> 228 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-systemd-inhibit is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937026" version="636"> 229 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937013"/> 230 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 231 </red-def:rpminfo_test> 232 <red-def:rpminfo_test check="at least one" comment="rpm-sign is installed" id="oval:com.redhat.cve:tst:202135937027" version="636"> 233 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937014"/> 234 </red-def:rpminfo_test> 235 <red-def:rpminfo_test check="at least one" comment="rpm-sign is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937028" version="636"> 236 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937014"/> 237 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 238 </red-def:rpminfo_test> 239 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-selinux is installed" id="oval:com.redhat.cve:tst:202135937029" version="636"> 240 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937015"/> 241 </red-def:rpminfo_test> 242 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-selinux is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937030" version="636"> 243 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937015"/> 244 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 245 </red-def:rpminfo_test> 246 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-fapolicyd is installed" id="oval:com.redhat.cve:tst:202135937031" version="636"> 247 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937016"/> 248 </red-def:rpminfo_test> 249 <red-def:rpminfo_test check="at least one" comment="rpm-plugin-fapolicyd is signed with Red Hat redhatrelease2 key" id="oval:com.redhat.cve:tst:202135937032" version="636"> 250 <red-def:object object_ref="oval:com.redhat.cve:obj:202135937016"/> 251 <red-def:state state_ref="oval:com.redhat.cve:ste:201520107001"/> 252 </red-def:rpminfo_test> 253 </tests> 254 <objects> 255 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:20052541001" version="636"> 256 <red-def:name>tar</red-def:name> 257 </red-def:rpminfo_object> 258 <red-def:rpmverifyfile_object id="oval:com.redhat.cve:obj:20052541002" version="636"> 259 <red-def:behaviors noconfigfiles="true" noghostfiles="true" nogroup="true" nolinkto="true" nomd5="true" nomode="true" nomtime="true" nordev="true" nosize="true" nouser="true"/> 260 <red-def:name operation="pattern match"/> 261 <red-def:epoch operation="pattern match"/> 262 <red-def:version operation="pattern match"/> 263 <red-def:release operation="pattern match"/> 264 <red-def:arch operation="pattern match"/> 265 <red-def:filepath>/etc/redhat-release</red-def:filepath> 266 </red-def:rpmverifyfile_object> 267 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937001" version="636"> 268 <red-def:name>rpm-build-libs</red-def:name> 269 </red-def:rpminfo_object> 270 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937002" version="636"> 271 <red-def:name>rpm-libs</red-def:name> 272 </red-def:rpminfo_object> 273 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937003" version="636"> 274 <red-def:name>rpm-cron</red-def:name> 275 </red-def:rpminfo_object> 276 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937004" version="636"> 277 <red-def:name>rpm-devel</red-def:name> 278 </red-def:rpminfo_object> 279 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937005" version="636"> 280 <red-def:name>rpm-plugin-prioreset</red-def:name> 281 </red-def:rpminfo_object> 282 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937006" version="636"> 283 <red-def:name>rpm-plugin-syslog</red-def:name> 284 </red-def:rpminfo_object> 285 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937007" version="636"> 286 <red-def:name>rpm-plugin-ima</red-def:name> 287 </red-def:rpminfo_object> 288 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937008" version="636"> 289 <red-def:name>rpm-apidocs</red-def:name> 290 </red-def:rpminfo_object> 291 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937009" version="636"> 292 <red-def:name>rpm-build</red-def:name> 293 </red-def:rpminfo_object> 294 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937010" version="636"> 295 <red-def:name>python3-rpm</red-def:name> 296 </red-def:rpminfo_object> 297 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937011" version="636"> 298 <red-def:name>rpm</red-def:name> 299 </red-def:rpminfo_object> 300 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937012" version="636"> 301 <red-def:name>rpm-debugsource</red-def:name> 302 </red-def:rpminfo_object> 303 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937013" version="636"> 304 <red-def:name>rpm-plugin-systemd-inhibit</red-def:name> 305 </red-def:rpminfo_object> 306 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937014" version="636"> 307 <red-def:name>rpm-sign</red-def:name> 308 </red-def:rpminfo_object> 309 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937015" version="636"> 310 <red-def:name>rpm-plugin-selinux</red-def:name> 311 </red-def:rpminfo_object> 312 <red-def:rpminfo_object id="oval:com.redhat.cve:obj:202135937016" version="636"> 313 <red-def:name>rpm-plugin-fapolicyd</red-def:name> 314 </red-def:rpminfo_object> 315 </objects> 316 <states> 317 <red-def:rpminfo_state id="oval:com.redhat.cve:ste:20052541001" version="636"> 318 <red-def:signature_keyid operation="equals">None</red-def:signature_keyid> 319 </red-def:rpminfo_state> 320 <red-def:rpmverifyfile_state id="oval:com.redhat.cve:ste:20052541002" version="636"> 321 <red-def:name operation="pattern match">^redhat-release</red-def:name> 322 <red-def:version operation="pattern match">^8[^\d]</red-def:version> 323 </red-def:rpmverifyfile_state> 324 <red-def:rpmverifyfile_state id="oval:com.redhat.cve:ste:20052541003" version="636"> 325 <red-def:name operation="pattern match">^redhat-release</red-def:name> 326 </red-def:rpmverifyfile_state> 327 <red-def:rpminfo_state id="oval:com.redhat.cve:ste:201520107001" version="636"> 328 <red-def:signature_keyid operation="equals">199e2f91fd431d51</red-def:signature_keyid> 329 </red-def:rpminfo_state> 330 </states> 331 <variables> 332 <local_variable comment="Get saved_entry in /boot/grub2/grubenv" datatype="int" id="oval:com.redhat.rhsa:var:20191167001" version="643"> 333 <arithmetic arithmetic_operation="add"> 334 <literal_component datatype="int">1</literal_component> 335 <object_component item_field="text" object_ref="oval:com.redhat.rhsa:obj:20191167027"/> 336 </arithmetic> 337 </local_variable> 338 </variables> 339 </oval_definitions>