diff --git a/mariner/testdata/golden/azure/3.0/definitions/2023/52881-2.json b/mariner/testdata/golden/azure/3.0/definitions/2023/52881-2.json
new file mode 100644
index 00000000..fc9ae421
--- /dev/null
+++ b/mariner/testdata/golden/azure/3.0/definitions/2023/52881-2.json
@@ -0,0 +1,34 @@
+{
+ "Class": "vulnerability",
+ "ID": "oval:com.microsoft.azurelinux:def:52881",
+ "Version": "2",
+ "Metadata": {
+ "Title": "CVE-2023-29409 affecting package golang for versions less than 1.20.7-1",
+ "Affected": {
+ "Family": "unix",
+ "Platform": "Azure Linux"
+ },
+ "Reference": {
+ "RefID": "CVE-2023-29409",
+ "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-29409",
+ "Source": "CVE"
+ },
+ "Patchable": "true",
+ "AdvisoryID": "52881-2",
+ "Severity": "Medium",
+ "Description": "CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available."
+ },
+ "Criteria": {
+ "Operator": "AND",
+ "Criterion": [
+ {
+ "Comment": "Package golang is earlier than 1.20.7-1, affected by CVE-2023-29409",
+ "TestRef": "oval:com.microsoft.azurelinux:tst:52881000"
+ },
+ {
+ "Comment": "Package golang is greater than 0.0.0, affected by CVE-2023-29409",
+ "TestRef": "oval:com.microsoft.azurelinux:tst:52881003"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/mariner/testdata/golden/azure/3.0/definitions/2024/42064-1.json b/mariner/testdata/golden/azure/3.0/definitions/2024/42064-1.json
index 64c09e6f..8d87ba44 100644
--- a/mariner/testdata/golden/azure/3.0/definitions/2024/42064-1.json
+++ b/mariner/testdata/golden/azure/3.0/definitions/2024/42064-1.json
@@ -21,9 +21,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package rubygem-rexml is earlier than 3.2.8-1, affected by CVE-2024-35176",
- "TestRef": "oval:com.microsoft.azurelinux:tst:42064000"
- }
+ "Criterion": [
+ {
+ "Comment": "Package rubygem-rexml is earlier than 3.2.8-1, affected by CVE-2024-35176",
+ "TestRef": "oval:com.microsoft.azurelinux:tst:42064000"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/azure/3.0/objects/objects.json b/mariner/testdata/golden/azure/3.0/objects/objects.json
index 4defefca..77daa2e7 100644
--- a/mariner/testdata/golden/azure/3.0/objects/objects.json
+++ b/mariner/testdata/golden/azure/3.0/objects/objects.json
@@ -4,6 +4,16 @@
"ID": "oval:com.microsoft.azurelinux:obj:42064001",
"Version": "1",
"Name": "rubygem-rexml"
+ },
+ {
+ "ID": "oval:com.microsoft.azurelinux:obj:52881004",
+ "Version": "1",
+ "Name": "golang"
+ },
+ {
+ "ID": "oval:com.microsoft.azurelinux:obj:52881001",
+ "Version": "1",
+ "Name": "golang"
}
]
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/azure/3.0/states/states.json b/mariner/testdata/golden/azure/3.0/states/states.json
index 0f958f67..6702dfcb 100644
--- a/mariner/testdata/golden/azure/3.0/states/states.json
+++ b/mariner/testdata/golden/azure/3.0/states/states.json
@@ -8,6 +8,24 @@
"Datatype": "evr_string",
"Operation": "less than"
}
+ },
+ {
+ "ID": "oval:com.microsoft.azurelinux:ste:52881005",
+ "Version": "1",
+ "Evr": {
+ "Text": "0:0.0.0.azl3",
+ "Datatype": "evr_string",
+ "Operation": "greater than"
+ }
+ },
+ {
+ "ID": "oval:com.microsoft.azurelinux:ste:52881002",
+ "Version": "1",
+ "Evr": {
+ "Text": "0:1.20.7-1.azl3",
+ "Datatype": "evr_string",
+ "Operation": "less than"
+ }
}
]
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/azure/3.0/tests/tests.json b/mariner/testdata/golden/azure/3.0/tests/tests.json
index 4b8d6bce..e06bbf58 100644
--- a/mariner/testdata/golden/azure/3.0/tests/tests.json
+++ b/mariner/testdata/golden/azure/3.0/tests/tests.json
@@ -11,6 +11,30 @@
"State": {
"StateRef": "oval:com.microsoft.azurelinux:ste:42064002"
}
+ },
+ {
+ "Check": "at least one",
+ "Comment": "Package golang is greater than 0.0.0, affected by CVE-2023-29409",
+ "ID": "oval:com.microsoft.azurelinux:tst:52881003",
+ "Version": "1",
+ "Object": {
+ "ObjectRef": "oval:com.microsoft.azurelinux:obj:52881004"
+ },
+ "State": {
+ "StateRef": "oval:com.microsoft.azurelinux:ste:52881005"
+ }
+ },
+ {
+ "Check": "at least one",
+ "Comment": "Package golang is earlier than 1.20.7-1, affected by CVE-2023-29409",
+ "ID": "oval:com.microsoft.azurelinux:tst:52881000",
+ "Version": "1",
+ "Object": {
+ "ObjectRef": "oval:com.microsoft.azurelinux:obj:52881001"
+ },
+ "State": {
+ "StateRef": "oval:com.microsoft.azurelinux:ste:52881002"
+ }
}
]
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/1.0/definitions/2008/3173.json b/mariner/testdata/golden/mariner/1.0/definitions/2008/3173.json
index 507ccf8f..28c7faf6 100644
--- a/mariner/testdata/golden/mariner/1.0/definitions/2008/3173.json
+++ b/mariner/testdata/golden/mariner/1.0/definitions/2008/3173.json
@@ -21,9 +21,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package clamav is earlier than 0.103.2-1, affected by CVE-2008-3914",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000003"
- }
+ "Criterion": [
+ {
+ "Comment": "Package clamav is earlier than 0.103.2-1, affected by CVE-2008-3914",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000003"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/1.0/definitions/2018/4209.json b/mariner/testdata/golden/mariner/1.0/definitions/2018/4209.json
index 1d69889f..76cc275c 100644
--- a/mariner/testdata/golden/mariner/1.0/definitions/2018/4209.json
+++ b/mariner/testdata/golden/mariner/1.0/definitions/2018/4209.json
@@ -21,9 +21,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package libwebp is earlier than 1.0.3-1, affected by CVE-2018-25012",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000151"
- }
+ "Criterion": [
+ {
+ "Comment": "Package libwebp is earlier than 1.0.3-1, affected by CVE-2018-25012",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000151"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/1.0/definitions/2021/4820.json b/mariner/testdata/golden/mariner/1.0/definitions/2021/4820.json
index 63e61e8e..6a14f012 100644
--- a/mariner/testdata/golden/mariner/1.0/definitions/2021/4820.json
+++ b/mariner/testdata/golden/mariner/1.0/definitions/2021/4820.json
@@ -21,9 +21,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package glibc is earlier than 2.28-19, affected by CVE-2021-35942",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000145"
- }
+ "Criterion": [
+ {
+ "Comment": "Package glibc is earlier than 2.28-19, affected by CVE-2021-35942",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374849000145"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/2.0/definitions/2014/6933.json b/mariner/testdata/golden/mariner/2.0/definitions/2014/6933.json
index b2521364..bc6b5f5b 100644
--- a/mariner/testdata/golden/mariner/2.0/definitions/2014/6933.json
+++ b/mariner/testdata/golden/mariner/2.0/definitions/2014/6933.json
@@ -20,9 +20,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package unzip is installed with version 6.0 or earlier",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000269"
- }
+ "Criterion": [
+ {
+ "Comment": "Package unzip is installed with version 6.0 or earlier",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000269"
+ }
+ ]
}
}
diff --git a/mariner/testdata/golden/mariner/2.0/definitions/2021/7412.json b/mariner/testdata/golden/mariner/2.0/definitions/2021/7412.json
index 638b96d2..d23ed6b3 100644
--- a/mariner/testdata/golden/mariner/2.0/definitions/2021/7412.json
+++ b/mariner/testdata/golden/mariner/2.0/definitions/2021/7412.json
@@ -20,9 +20,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package wireshark is installed with version 3.4.4 or earlier",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000435"
- }
+ "Criterion": [
+ {
+ "Comment": "Package wireshark is installed with version 3.4.4 or earlier",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000435"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/2.0/definitions/2022/7700.json b/mariner/testdata/golden/mariner/2.0/definitions/2022/7700.json
index d9304eda..97acf78a 100644
--- a/mariner/testdata/golden/mariner/2.0/definitions/2022/7700.json
+++ b/mariner/testdata/golden/mariner/2.0/definitions/2022/7700.json
@@ -20,9 +20,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package mysql is installed with version 8.0.24 or earlier",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000854"
- }
+ "Criterion": [
+ {
+ "Comment": "Package mysql is installed with version 8.0.24 or earlier",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:1643374850000854"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/2.0/definitions/2023/31872-1.json b/mariner/testdata/golden/mariner/2.0/definitions/2023/31872-1.json
index 6fb3156e..e9446455 100644
--- a/mariner/testdata/golden/mariner/2.0/definitions/2023/31872-1.json
+++ b/mariner/testdata/golden/mariner/2.0/definitions/2023/31872-1.json
@@ -20,9 +20,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package edk2 is earlier than 20230301gitf80f052277c8-38, affected by CVE-2023-5678",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:31872000"
- }
+ "Criterion": [
+ {
+ "Comment": "Package edk2 is earlier than 20230301gitf80f052277c8-38, affected by CVE-2023-5678",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:31872000"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/golden/mariner/2.0/definitions/2023/31880-1.json b/mariner/testdata/golden/mariner/2.0/definitions/2023/31880-1.json
index ed4b4fe8..b5c3bbff 100644
--- a/mariner/testdata/golden/mariner/2.0/definitions/2023/31880-1.json
+++ b/mariner/testdata/golden/mariner/2.0/definitions/2023/31880-1.json
@@ -20,9 +20,11 @@
},
"Criteria": {
"Operator": "AND",
- "Criterion": {
- "Comment": "Package openssl is earlier than 1.1.1k-28, affected by CVE-2023-5678",
- "TestRef": "oval:com.microsoft.cbl-mariner:tst:31880000"
- }
+ "Criterion": [
+ {
+ "Comment": "Package openssl is earlier than 1.1.1k-28, affected by CVE-2023-5678",
+ "TestRef": "oval:com.microsoft.cbl-mariner:tst:31880000"
+ }
+ ]
}
}
\ No newline at end of file
diff --git a/mariner/testdata/happy/azurelinux-3.0-oval.xml b/mariner/testdata/happy/azurelinux-3.0-oval.xml
index 0f509a9f..768fb165 100644
--- a/mariner/testdata/happy/azurelinux-3.0-oval.xml
+++ b/mariner/testdata/happy/azurelinux-3.0-oval.xml
@@ -24,21 +24,58 @@
+
+
+ CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
+
+ Azure Linux
+
+
+ true
+ 52881-2
+ Medium
+ CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
rubygem-rexml
+
+ golang
+
+
+ golang
+
0:3.2.8-1.azl3
+
+ 0:0.0.0.azl3
+
+
+ 0:1.20.7-1.azl3
+
diff --git a/mariner/types.go b/mariner/types.go
index eadb4d62..767fd9f3 100644
--- a/mariner/types.go
+++ b/mariner/types.go
@@ -54,8 +54,8 @@ type Definition struct {
Criteria Criteria `xml:"criteria" json:",omitempty"`
}
type Criteria struct {
- Operator string `xml:"operator,attr" json:",omitempty"`
- Criterion Criterion `xml:"criterion" json:",omitempty"`
+ Operator string `xml:"operator,attr" json:",omitempty"`
+ Criterion []Criterion `xml:"criterion" json:",omitempty"`
}
type Criterion struct {