Mercurial > farol > farolluz
comparison farolluz/templates/oval.j2 @ 0:e18b61a73a68
Initial Release
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 23 Sep 2014 15:19:14 +0200 |
parents | |
children | 2ee8fcfc99bc |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:e18b61a73a68 |
---|---|
1 {# | |
2 # Description: | |
3 # Template for generation of OVAL documents | |
4 # | |
5 # Authors: | |
6 # Antu Sanadi <santu@secpod.com> | |
7 # | |
8 # Copyright: | |
9 # Copyright (C) 2014 Greenbone Networks GmbH | |
10 # | |
11 # This program is free software; you can redistribute it and/or | |
12 # modify it under the terms of the GNU General Public License | |
13 # as published by the Free Software Foundation; either version 2 | |
14 # of the License, or (at your option) any later version. | |
15 # | |
16 # This program is distributed in the hope that it will be useful, | |
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
19 # GNU General Public License for more details. | |
20 # | |
21 # You should have received a copy of the GNU General Public License | |
22 # along with this program; if not, write to the Free Software | |
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | |
24 -#} | |
25 | |
26 <?xml version="1.0" encoding="UTF-8"?> | |
27 {% import "oval_core.j2" as oval_core -%} | |
28 <oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-definitions-5#esx esx-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#windows windows-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#solaris solaris-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#hpux hpux-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#aix aix-definitions-schema.xsd"> | |
29 <generator> | |
30 <oval:product_name>SecPod SCAP Repository</oval:product_name> | |
31 <oval:schema_version>5.10</oval:schema_version> | |
32 <oval:timestamp>{{ now.isoformat() }}</oval:timestamp> | |
33 </generator> | |
34 <definitions> | |
35 {%- set done = [] %} | |
36 {% for prod in cvrf.getProductList() %} | |
37 {%- set os, package = cvrf._producttree.decomposeProduct(prod._productid) %} | |
38 {%- if os is not none %} | |
39 {%- set rls = os._name | release_map %} | |
40 {%- set rpm = package._name | for_rpmvuln %} | |
41 {%- if rls != 'UNKNOWN' %} | |
42 {%- if (rls, rpm) not in done %} | |
43 <definition version="1" class="inventory" id="oval:org.secpod.oval:def:501309"> | |
44 <metadata> | |
45 <title> {{ os._name }} is installed</title> | |
46 <affected family="unix"> | |
47 <platform>{{ os._name }}</platform> | |
48 </affected> | |
49 <reference source="CPE" ref_id="{{ os_cpe }}"/> | |
50 <description>{{ os._name }} is installed</description> | |
51 <oval_repository> | |
52 <dates> | |
53 <submitted date="{{ now.isoformat() }}"> | |
54 <contributor organization="SecPod Technologies">SecPod Team</contributor> | |
55 </submitted> | |
56 </dates> | |
57 <status>ACCEPTED</status> | |
58 </oval_repository> | |
59 </metadata> | |
60 <criteria> | |
61 <criterion comment="{{ os._name }} is installed" test_ref="oval:org.secpod.oval:tst:511359"/> | |
62 </criteria> | |
63 </definition> | |
64 <definition version="1" class="inventory" id="oval:org.secpod.oval:def:501309"> | |
65 <metadata> | |
66 <title> {{ package._name }} is installed</title> | |
67 <affected family="unix"> | |
68 <platform>{{ package._name }}</platform> | |
69 </affected> | |
70 <reference source="CPE" ref_id="{{ os_cpe }}"/> | |
71 <description>{{ package._name }} is installed</description> | |
72 <oval_repository> | |
73 <dates> | |
74 <submitted date="{{ now.isoformat() }}"> | |
75 <contributor organization="SecPod Technologies">SecPod Team</contributor> | |
76 </submitted> | |
77 </dates> | |
78 <status>ACCEPTED</status> | |
79 </oval_repository> | |
80 </metadata> | |
81 <criteria> | |
82 <criterion comment="{{ package._name }} is installed" test_ref="oval:org.secpod.oval:tst:511359"/> | |
83 </criteria> | |
84 </definition> | |
85 <definition version="0" class="patch" id="oval:org.secpod.oval:def:501352"> | |
86 <metadata> | |
87 <title>{{ cvrf._title }} ({{ cvrf._tracking._id }})</title> | |
88 <affected family="unix"> | |
89 <platform>{{ os._name }}</platform> | |
90 <product> {{ package._name }}</product> | |
91 </affected> | |
92 <reference source="VENDOR" ref_url="{% for ref in cvrf._references %} {%-if 'RHSA-' in ref._url %}{{ref._url}}{%- endif %} {%- endfor %}" ref_id="{{ cvrf._tracking._id }}"/> | |
93 | |
94 {%- for vuln in cvrf._vulnerabilities %} | |
95 <reference source="CVE" ref_url="http://www.scaprepo.com/view.jsp?id={{ vuln._cve }}" ref_id="{{ vuln._cve }}"/> | |
96 {%- endfor %}) | |
97 <description>{{ oval_core.notes(cvrf, 'Details') }}</description> | |
98 <oval_repository> | |
99 <dates> | |
100 <submitted date="{{ now.isoformat() }}"> | |
101 <contributor organization="SecPod Technologies">SecPod Team</contributor> | |
102 </submitted> | |
103 </dates> | |
104 <status>INITIAL SUBMISSION</status> | |
105 </oval_repository> | |
106 </metadata> | |
107 <criteria operator="AND"> | |
108 <extend_definition comment="{{ os._name }} is installed" definition_ref="oval:org.secpod.oval:def:501309"/> | |
109 <extend_definition comment=" {{ package._name }} is installed" definition_ref="oval:org.secpod.oval:def:203387"/> | |
110 <criteria comment="All dependent packages of {{ package._name }} " operator="OR"> | |
111 <criterion comment=" {{ package._name }} is earlier than 0:2.3.5-3.el7_0" test_ref="oval:org.secpod.oval:tst:215690"/> | |
112 </criteria> | |
113 </criteria> | |
114 </definition> | |
115 </definitions> | |
116 <tests> | |
117 <textfilecontent54_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="Red Hat Enterprise Linux 7 is installed" id="oval:org.secpod.oval:tst:511359" version="1" check="all" check_existence="at_least_one_exists"> | |
118 <object object_ref="oval:org.secpod.oval:obj:500000"/> | |
119 <state state_ref="oval:org.secpod.oval:ste:502133"/> | |
120 </textfilecontent54_test> | |
121 <rpminfo_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="{{ package._name }} is installed" version="0" check="all" check_existence="at_least_one_exists"> | |
122 <object object_ref="oval:org.secpod.oval:obj:200887"/> | |
123 </rpminfo_test> | |
124 <rpminfo_test xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment=" {{ package._name }} is earlier than 0:2.3.5-3.el7_0" id="oval:org.secpod.oval:tst:215690" version="0" check="all" check_existence="at_least_one_exists"> | |
125 <object object_ref="oval:org.secpod.oval:obj:200887"/> | |
126 <state state_ref="oval:org.secpod.oval:ste:203835"/> | |
127 </rpminfo_test> | |
128 </tests> | |
129 <objects> | |
130 <textfilecontent54_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="Object holds RHEL version" id="oval:org.secpod.oval:obj:500000" version="1"> | |
131 <path>/etc</path> | |
132 <filename>redhat-release</filename> | |
133 <pattern operation="pattern match">^Red Hat Enterprise.*release.*$</pattern> | |
134 <instance datatype="int">1</instance> | |
135 </textfilecontent54_object> | |
136 <rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="resteasy-base package information" id="oval:org.secpod.oval:obj:200887" version="0"> | |
137 <name>{{ package._name }}</name> | |
138 </rpminfo_object> | |
139 </objects> | |
140 <states> | |
141 <textfilecontent54_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" comment="State matches RHEL 7" id="oval:org.secpod.oval:ste:502133" version="1"> | |
142 <text operation="pattern match">^Red Hat Enterprise.*release 7.*$</text> | |
143 </textfilecontent54_state> | |
144 <rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" comment="version is earlier than 0:2.3.5-3.el7_0" id="oval:org.secpod.oval:ste:203835" version="0"> | |
145 <evr datatype="evr_string" operation="less than">0:2.3.5-3.el7_0</evr> | |
146 </rpminfo_state> | |
147 </states> | |
148 </oval_definitions> | |
149 | |
150 {{- done.append((rls, rpm)) or '' }} | |
151 {%- endif %} | |
152 {%- endif %} | |
153 {%- endif %} | |
154 {%- endfor %} |