0
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
1 {# |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
2 # Description: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
3 # Template for generation of OVAL documents |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
4 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
5 # Authors: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
6 # Antu Sanadi <santu@secpod.com> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
7 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
8 # Copyright: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
9 # Copyright (C) 2014 Greenbone Networks GmbH |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
10 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
11 # This program is free software; you can redistribute it and/or |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
12 # modify it under the terms of the GNU General Public License |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
13 # as published by the Free Software Foundation; either version 2 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
14 # of the License, or (at your option) any later version. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
15 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
16 # This program is distributed in the hope that it will be useful, |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
19 # GNU General Public License for more details. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
20 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
21 # You should have received a copy of the GNU General Public License |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
22 # along with this program; if not, write to the Free Software |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
24 -#} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
25 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
26 <?xml version="1.0" encoding="UTF-8"?> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
27 {% import "oval_core.j2" as oval_core -%} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
28 <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx esx-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris solaris-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#aix aix-definitions-schema.xsd"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
29 <generator> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
30 <oval:product_name>SecPod SCAP Repository</oval:product_name> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
31 <oval:schema_version>5.10</oval:schema_version> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
32 <oval:timestamp>{{ now.isoformat() }}</oval:timestamp> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
33 </generator> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
34 <definitions> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
35 {%- set done = [] %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
36 {% for prod in cvrf.getProductList() %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
37 {%- set os, package = cvrf._producttree.decomposeProduct(prod._productid) %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
38 {%- if os is not none %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
39 {%- set rls = os._name | release_map %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
40 {%- set rpm = package._name | for_rpmvuln %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
41 {%- if rls != 'UNKNOWN' %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
42 {%- if (rls, rpm) not in done %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
43 <definition version="1" class="inventory" id="oval:org.secpod.oval:def:501309"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
44 <metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
45 <title> {{ os._name }} is installed</title> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
46 <affected family="unix"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
47 <platform>{{ os._name }}</platform> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
48 </affected> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
49 <reference source="CPE" ref_id="{{ os_cpe }}"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
50 <description>{{ os._name }} is installed</description> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
51 <oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
52 <dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
53 <submitted date="{{ now.isoformat() }}"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
54 <contributor organization="SecPod Technologies">SecPod Team</contributor> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
55 </submitted> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
56 </dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
57 <status>ACCEPTED</status> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
58 </oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
59 </metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
60 <criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
61 <criterion comment="{{ os._name }} is installed" test_ref="oval:org.secpod.oval:tst:511359"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
62 </criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
63 </definition> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
64 <definition version="1" class="inventory" id="oval:org.secpod.oval:def:501309"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
65 <metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
66 <title> {{ package._name }} is installed</title> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
67 <affected family="unix"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
68 <platform>{{ package._name }}</platform> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
69 </affected> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
70 <reference source="CPE" ref_id="{{ os_cpe }}"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
71 <description>{{ package._name }} is installed</description> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
72 <oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
73 <dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
74 <submitted date="{{ now.isoformat() }}"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
75 <contributor organization="SecPod Technologies">SecPod Team</contributor> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
76 </submitted> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
77 </dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
78 <status>ACCEPTED</status> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
79 </oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
80 </metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
81 <criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
82 <criterion comment="{{ package._name }} is installed" test_ref="oval:org.secpod.oval:tst:511359"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
83 </criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
84 </definition> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
85 <definition version="0" class="patch" id="oval:org.secpod.oval:def:501352"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
86 <metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
87 <title>{{ cvrf._title }} ({{ cvrf._tracking._id }})</title> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
88 <affected family="unix"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
89 <platform>{{ os._name }}</platform> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
90 <product> {{ package._name }}</product> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
91 </affected> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
92 <reference source="VENDOR" ref_url="{% for ref in cvrf._references %} {%-if 'RHSA-' in ref._url %}{{ref._url}}{%- endif %} {%- endfor %}" ref_id="{{ cvrf._tracking._id }}"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
93 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
94 {%- for vuln in cvrf._vulnerabilities %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
95 <reference source="CVE" ref_url="http://www.scaprepo.com/view.jsp?id={{ vuln._cve }}" ref_id="{{ vuln._cve }}"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
96 {%- endfor %}) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
97 <description>{{ oval_core.notes(cvrf, 'Details') }}</description> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
98 <oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
99 <dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
100 <submitted date="{{ now.isoformat() }}"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
101 <contributor organization="SecPod Technologies">SecPod Team</contributor> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
102 </submitted> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
103 </dates> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
104 <status>INITIAL SUBMISSION</status> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
105 </oval_repository> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
106 </metadata> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
107 <criteria operator="AND"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
108 <extend_definition comment="{{ os._name }} is installed" definition_ref="oval:org.secpod.oval:def:501309"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
109 <extend_definition comment=" {{ package._name }} is installed" definition_ref="oval:org.secpod.oval:def:203387"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
110 <criteria comment="All dependent packages of {{ package._name }} " operator="OR"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
111 <criterion comment=" {{ package._name }} is earlier than 0:2.3.5-3.el7_0" test_ref="oval:org.secpod.oval:tst:215690"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
112 </criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
113 </criteria> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
114 </definition> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
115 </definitions> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
116 <tests> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
117 <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="Red Hat Enterprise Linux 7 is installed" id="oval:org.secpod.oval:tst:511359" version="1" check="all" check_existence="at_least_one_exists"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
118 <object object_ref="oval:org.secpod.oval:obj:500000"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
119 <state state_ref="oval:org.secpod.oval:ste:502133"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
120 </textfilecontent54_test> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
121 <rpminfo_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="{{ package._name }} is installed" version="0" check="all" check_existence="at_least_one_exists"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
122 <object object_ref="oval:org.secpod.oval:obj:200887"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
123 </rpminfo_test> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
124 <rpminfo_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment=" {{ package._name }} is earlier than 0:2.3.5-3.el7_0" id="oval:org.secpod.oval:tst:215690" version="0" check="all" check_existence="at_least_one_exists"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
125 <object object_ref="oval:org.secpod.oval:obj:200887"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
126 <state state_ref="oval:org.secpod.oval:ste:203835"/> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
127 </rpminfo_test> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
128 </tests> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
129 <objects> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
130 <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="Object holds RHEL version" id="oval:org.secpod.oval:obj:500000" version="1"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
131 <path>/etc</path> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
132 <filename>redhat-release</filename> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
133 <pattern operation="pattern match">^Red Hat Enterprise.*release.*$</pattern> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
134 <instance datatype="int">1</instance> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
135 </textfilecontent54_object> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
136 <rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="resteasy-base package information" id="oval:org.secpod.oval:obj:200887" version="0"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
137 <name>{{ package._name }}</name> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
138 </rpminfo_object> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
139 </objects> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
140 <states> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
141 <textfilecontent54_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="State matches RHEL 7" id="oval:org.secpod.oval:ste:502133" version="1"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
142 <text operation="pattern match">^Red Hat Enterprise.*release 7.*$</text> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
143 </textfilecontent54_state> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
144 <rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="version is earlier than 0:2.3.5-3.el7_0" id="oval:org.secpod.oval:ste:203835" version="0"> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
145 <evr datatype="evr_string" operation="less than">0:2.3.5-3.el7_0</evr> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
146 </rpminfo_state> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
147 </states> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
148 </oval_definitions> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
149 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
150 {{- done.append((rls, rpm)) or '' }} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
151 {%- endif %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
152 {%- endif %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
153 {%- endif %} |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
154 {%- endfor %} |