[doc] add an example scribe policy around CVE-2015-7547

This policy identifies systems that have an updated version of glibc
installed and whose uptime exceeds the value specified in the
policy.
Aaron Meihm 2016-02-19 11:12:51 -06:00
Родитель f4bf0a14f6
Коммит 9278f7834d
1 изменённых файлов: 87 добавлений и 0 удалений


@ -0,0 +1,87 @@
{
"objects": [
{
"filecontent": {
"expression": ".*Red Hat.*(release \\d+)\\..*",
"file": "^redhat-release$",
"path": "/etc"
},
"filename": {},
"hasline": {},
"object": "obj-release-redhatrelease",
"package": {},
"raw": {}
},
{
"filecontent": {},
"filename": {},
"hasline": {},
"object": "obj-package-glibc",
"package": {
"name": "glibc"
},
"raw": {}
},
{
"filecontent": {
"concat": ".",
"expression": "^(\\S+)\\.\\S+ \\S+",
"file": "^uptime$",
"import-chain": [
"raw-append"
],
"path": "/proc"
},
"object": "/proc/uptime"
},
{
"object": "raw-append",
"raw": {
"identifiers": [
{
"identifier": "raw0",
"value": "0"
}
]
}
}
],
"tests": [
{
"evr": {},
"exactmatch": {
"value": "release 6"
},
"name": "",
"object": "obj-release-redhatrelease",
"regexp": {},
"test": "test-release-redhat-rhel6"
},
{
"description": "RedHat Update for glibc RHSA-2016:0175-1",
"evr": {
"operation": "=",
"value": "2.12-1.166.el6_7.7"
},
"exactmatch": {},
"if": [
"test-release-redhat-rhel6"
],
"name": "test-redhat-rhel6-glibc-0",
"object": "obj-package-glibc",
"regexp": {},
"test": "26eb87f84808a347e3ce6955bffc9c02"
},
{
"evr": {
"operation": ">",
"value": "345600.0"
},
"if": [
"26eb87f84808a347e3ce6955bffc9c02"
],
"object": "/proc/uptime",
"test": "test-uptime"
}
]
}
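Review bot: The `test-uptime` test compares `/proc/uptime` with the fixed constant `345600.0` (four days in seconds), so its result depends on when the policy is evaluated: a host that installed the fixed glibc and did reboot matches again once it has been up for more than four days. Because this is an example that others will copy, the test should carry a description saying the value has to be recomputed at evaluation time, for instance `"description": "uptime in seconds; set value to the time elapsed since the glibc update was deployed"`. The glibc test also uses `"operation": "="` against `2.12-1.166.el6_7.7`, which appears to select only that exact build, so a host that moved to a later glibc without restarting would not be reported. That limitation is worth stating in its `description` too. Separately, the first test has an empty `"name"` and the glibc test uses an opaque hash as its `"test"` identifier, which makes the `"if"` chain harder to follow than a readable identifier would.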