Mercurial > farol > farolluz
comparison farolluz/templates/cvrf.j2 @ 0:e18b61a73a68
Initial Release
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 23 Sep 2014 15:19:14 +0200 |
parents | |
children | d47e1164740f |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:e18b61a73a68 |
---|---|
1 {# | |
2 # Description: | |
3 # Template for generation of CVRF documents | |
4 # | |
5 # Authors: | |
6 # BenoƮt Allard <benoit.allard@greenbone.net> | |
7 # | |
8 # Copyright: | |
9 # Copyright (C) 2014 Greenbone Networks GmbH | |
10 # | |
11 # This program is free software; you can redistribute it and/or | |
12 # modify it under the terms of the GNU General Public License | |
13 # as published by the Free Software Foundation; either version 2 | |
14 # of the License, or (at your option) any later version. | |
15 # | |
16 # This program is distributed in the hope that it will be useful, | |
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 # GNU General Public License for more details. | |
20 # | |
21 # You should have received a copy of the GNU General Public License | |
22 # along with this program; if not, write to the Free Software | |
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | |
24 -#} | |
25 | |
26 <?xml version="1.0" encoding="utf-8"?> | |
27 | |
28 {#- Some macros for producttree generation #} | |
29 {%- macro FullProductNames(producttree, parent) %} | |
30 {%- for product in producttree._products %} | |
31 {%- if product._parent is sameas parent %} | |
32 <FullProductName{{ {'ProductID': product._productid, 'CPE': product._cpe} | xmlattr }}> | |
33 {{- product._name -}} | |
34 </FullProductName> | |
35 {%- endif %} | |
36 {%- endfor %} | |
37 {%- endmacro %} | |
38 | |
39 {%- macro Note(note) -%} | |
40 <Note{{ {'Type': note._type, 'Ordinal': note._ordinal, 'Title': note._title, 'Audience': note._audience} | xmlattr }}> | |
41 {{- note._note | escape -}} | |
42 </Note> | |
43 {%- endmacro %} | |
44 <cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1"> | |
45 <DocumentTitle>{{ cvrf._title }}</DocumentTitle> | |
46 <DocumentType>{{ cvrf._type }}</DocumentType> | |
47 {%- with publisher = cvrf._publisher %} | |
48 <DocumentPublisher{{ {'Type': publisher._type, 'VendorID': publisher._vendorid} | xmlattr }}> | |
49 {%- if publisher._contact %} | |
50 <ContactDetails>{{ publisher._contact }}</ContactDetails> | |
51 {%- endif %} | |
52 {%- if publisher._authority %} | |
53 <IssuingAuthority>{{ publisher._authority }}</IssuingAuthority> | |
54 {%- endif %} | |
55 </DocumentPublisher> | |
56 {%- endwith %} | |
57 {%- with tracking = cvrf._tracking %} | |
58 <DocumentTracking> | |
59 <Identification> | |
60 <ID>{{ tracking._identification._id }}</ID> | |
61 {%- for alias in tracking._identification._aliases %} | |
62 <Alias>{{ alias }}</Alias> | |
63 {%- endfor %} | |
64 </Identification> | |
65 <Status>{{ tracking._status }}</Status> | |
66 <Version>{{ tracking._version | join('.') }}</Version> | |
67 <RevisionHistory> | |
68 {%- for revision in tracking._history %} | |
69 <Revision> | |
70 <Number>{{ revision._number | join('.') }}</Number> | |
71 <Date>{{ revision._date.isoformat() }}</Date> | |
72 <Description>{{ revision._description }}</Description> | |
73 </Revision> | |
74 {%- endfor %} | |
75 </RevisionHistory> | |
76 <InitialReleaseDate>{{ tracking._initialDate.isoformat() }}</InitialReleaseDate> | |
77 <CurrentReleaseDate>{{ tracking._currentDate.isoformat() }}</CurrentReleaseDate> | |
78 {%- if tracking._generator %} | |
79 <Generator> | |
80 {%- with generator = tracking._generator %} | |
81 {%- if generator._engine %} | |
82 <Engine>{{ generator._engine }}</Engine> | |
83 {%- endif %} | |
84 {%- if generator._date %} | |
85 <Date>{{ generator._date.isoformat() }}</Date> | |
86 {%- endif %} | |
87 {%- endwith %} | |
88 </Generator> | |
89 {%- endif %} | |
90 </DocumentTracking> | |
91 {%- endwith %} | |
92 {%- if cvrf._notes %} | |
93 <DocumentNotes> | |
94 {%- for note in cvrf._notes %} | |
95 {{ Note(note) }} | |
96 {%- endfor %} | |
97 </DocumentNotes> | |
98 {%- endif %} | |
99 {%- if cvrf._distribution %} | |
100 <DocumentDistribution>{{ cvrf._distribution }}</DocumentDistribution> | |
101 {%- endif %} | |
102 {#- AggregateSeverity is missing #} | |
103 {%- if cvrf._references %} | |
104 <DocumentReferences> | |
105 {%- for reference in cvrf._references %} | |
106 <Reference{{ {'Type': reference._type} | xmlattr }}> | |
107 <URL>{{ reference._url }}</URL> | |
108 <Description>{{ reference._description }}</Description> | |
109 </Reference> | |
110 {%- endfor %} | |
111 </DocumentReferences> | |
112 {%- endif %} | |
113 {%- if cvrf._acknowledgments %} | |
114 <Acknowledgments> | |
115 {%- for acknowledgment in cvrf._acknowledgments %} | |
116 <Acknowledgment> | |
117 {%- if acknowledgment._name %} | |
118 <Name>{{ acknowledgment._name }}</Name> | |
119 {%- endif %} | |
120 {%- if acknowledgment._organization %} | |
121 <Organization>{{ acknowledgment._organization }}</Organization> | |
122 {%- endif %} | |
123 {%- if acknowledgment._description %} | |
124 <Description>{{ acknowledgment._description }}</Description> | |
125 {%- endif %} | |
126 {%- if acknowledgment._url %} | |
127 <URL>{{ acknowledgment._url }}</URL> | |
128 {%- endif %} | |
129 </Acknowledgment> | |
130 {%- endfor %} | |
131 </Acknowledgments> | |
132 {%- endif %} | |
133 {%- if cvrf._producttree %} | |
134 <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1"> | |
135 {%- with producttree = cvrf._producttree %} | |
136 {%- for branch in producttree._branches recursive %} | |
137 <Branch{{ {'Type': branch._type, 'Name': branch._name} | xmlattr }}> | |
138 {{- loop(branch._childs) }} | |
139 {{- FullProductNames(producttree, branch) }} | |
140 </Branch> | |
141 {%- endfor %} | |
142 {{ FullProductNames(producttree, producttree) }} | |
143 {%- for relationship in producttree._relationships -%} | |
144 <Relationship{{ {'ProductReference': relationship._productreference, 'RelationType': relationship._relationtype, 'RelatesToProductReference': relationship._relatestoproductreference} | xmlattr }}> | |
145 {{- FullProductNames(producttree, relationship) }} | |
146 </Relationship> | |
147 {%- endfor %} | |
148 {%- if producttree._groups %} | |
149 <ProductGroups> | |
150 {%- for group in producttree._groups %} | |
151 <Group{{ {'GroupID': group._id} | xmlattr }}> | |
152 {%- if group._description %} | |
153 <Description>{{ group._description }}</Description> | |
154 {%- endif %} | |
155 {%- for productid in group._productids %} | |
156 <ProductID>{{ productid }}</ProductID> | |
157 {%- endfor %} | |
158 </Group> | |
159 {%- endfor %} | |
160 </ProductGroups> | |
161 {%- endif %} | |
162 {%- endwith %} | |
163 </ProductTree> | |
164 {%- endif %} | |
165 {%- for vulnerability in cvrf._vulnerabilities %} | |
166 <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="{{ vulnerability._ordinal}}"> | |
167 {%- if vulnerability._title %} | |
168 <Title>{{ vulnerability._title }}</Title> | |
169 {%- endif %} | |
170 {%- if vulnerability._id %} | |
171 <ID SystemName="{{ vulnerability._id._systemname }}">{{ vulnerability._id._value }}</ID> | |
172 {%- endif %} | |
173 {%- if vulnerability._notes %} | |
174 <Notes> | |
175 {%- for note in vulnerability._notes %} | |
176 {{ Note(note) }} | |
177 {%- endfor %} | |
178 </Notes> | |
179 {%- endif %} | |
180 {%- if vulnerability._discoverydate %} | |
181 <DiscoveryDate>{{ vulnerability._discoverydate.isoformat() }}</DiscoveryDate> | |
182 {%- endif %} | |
183 {%- if vulnerability._releasedate %} | |
184 <ReleaseDate>{{ vulnerability._releasedate.isoformat() }}</ReleaseDate> | |
185 {%- endif %} | |
186 {%- if vulnerability._involvements %} | |
187 <Involvements> | |
188 {%- for involvement in vulnerability._involvements %} | |
189 <Involvement{{ {'Party': involvement._party, 'Status': involvement._status} | xmlattr }}> | |
190 {%- if involvement._description %} | |
191 <Description>{{ involvement._description }}</Description> | |
192 {%- endif %} | |
193 </Involvement> | |
194 {%- endfor %} | |
195 </Involvements> | |
196 {%- endif %} | |
197 {%- if vulnerability._cve %} | |
198 <CVE>{{ vulnerability._cve }}</CVE> | |
199 {%- endif %} | |
200 {%- for cwe in vulnerability._cwes %} | |
201 <CWE ID="{{ cwe._id }}">{{ cwe._value }}</CWE> | |
202 {%- endfor %} | |
203 {%- if vulnerability._productstatuses %} | |
204 <ProductStatuses> | |
205 {%- for status in vulnerability._productstatuses %} | |
206 <Status Type="{{ status._type }}"> | |
207 {%- for productid in status._productids %} | |
208 <ProductID>{{ productid }}</ProductID> | |
209 {%- endfor %} | |
210 </Status> | |
211 {%- endfor %} | |
212 </ProductStatuses> | |
213 {%- endif %} | |
214 {%- if vulnerability._cvsss %} | |
215 <CVSSScoreSets> | |
216 {%- for cvss in vulnerability._cvsss %} | |
217 <ScoreSet> | |
218 <BaseScore>{{ cvss._basescore }}</BaseScore> | |
219 {%- if cvss._temporalscore %} | |
220 <TemporalScore>{{ cvss._temporalscore }}</TemporalScore> | |
221 {%- endif %} | |
222 {%- if cvss._environmentalscore %} | |
223 <EnvironmentalScore>{{ cvss._environmentalscore }}</EnvironmentalScore> | |
224 {%- endif %} | |
225 {%- if cvss._vector %} | |
226 <Vector>{{ cvss._vector }}</Vector> | |
227 {%- endif %} | |
228 {%- for productid in cvss._productids %} | |
229 <ProductID>{{productid}}</ProductID> | |
230 {%- endfor %} | |
231 </ScoreSet> | |
232 {%- endfor %} | |
233 </CVSSScoreSets> | |
234 {%- endif %} | |
235 {%- if vulnerability._remediations %} | |
236 <Remediations> | |
237 {%- for remediation in vulnerability._remediations %} | |
238 <Remediation Type="{{ remediation._type }}"{% if remediation._date %} Date="{{ remediation._date.isoformat() }}"{% endif %}> | |
239 <Description>{{ remediation._description }}</Description> | |
240 {%- if remediation._entitlement %} | |
241 <Entitlement>{{ remediation._entitlement }}</Entitlement> | |
242 {%- endif %} | |
243 {%- if remediation._url %} | |
244 <URL>{{ remediation._url }}</URL> | |
245 {%- endif %} | |
246 {%- for productid in remediation._productids %} | |
247 <ProductID>{{ productid }}</ProductID> | |
248 {%- endfor %} | |
249 {%- for groupid in remediation._groupids %} | |
250 <GroupID>{{ groupid }}</GroupID> | |
251 {%- endfor %} | |
252 </Remediation> | |
253 {%- endfor %} | |
254 </Remediations> | |
255 {%- endif %} | |
256 </Vulnerability> | |
257 {%- endfor %} | |
258 </cvrfdoc> |