Mercurial > farol > farolluz
diff farolluz/templates/cvrf.j2 @ 0:e18b61a73a68
Initial Release
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 23 Sep 2014 15:19:14 +0200 |
parents | |
children | d47e1164740f |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/farolluz/templates/cvrf.j2 Tue Sep 23 15:19:14 2014 +0200 @@ -0,0 +1,258 @@ +{# +# Description: +# Template for generation of CVRF documents +# +# Authors: +# BenoƮt Allard <benoit.allard@greenbone.net> +# +# Copyright: +# Copyright (C) 2014 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +-#} + +<?xml version="1.0" encoding="utf-8"?> + +{#- Some macros for producttree generation #} +{%- macro FullProductNames(producttree, parent) %} + {%- for product in producttree._products %} + {%- if product._parent is sameas parent %} + <FullProductName{{ {'ProductID': product._productid, 'CPE': product._cpe} | xmlattr }}> + {{- product._name -}} + </FullProductName> + {%- endif %} + {%- endfor %} +{%- endmacro %} + +{%- macro Note(note) -%} + <Note{{ {'Type': note._type, 'Ordinal': note._ordinal, 'Title': note._title, 'Audience': note._audience} | xmlattr }}> + {{- note._note | escape -}} + </Note> +{%- endmacro %} +<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1"> + <DocumentTitle>{{ cvrf._title }}</DocumentTitle> + <DocumentType>{{ cvrf._type }}</DocumentType> + {%- with publisher = cvrf._publisher %} + <DocumentPublisher{{ {'Type': publisher._type, 'VendorID': publisher._vendorid} | xmlattr }}> + {%- if publisher._contact %} + <ContactDetails>{{ publisher._contact }}</ContactDetails> + {%- endif %} + {%- if publisher._authority %} + <IssuingAuthority>{{ publisher._authority }}</IssuingAuthority> + {%- endif %} + </DocumentPublisher> + {%- endwith %} + {%- with tracking = cvrf._tracking %} + <DocumentTracking> + <Identification> + <ID>{{ tracking._identification._id }}</ID> + {%- for alias in tracking._identification._aliases %} + <Alias>{{ alias }}</Alias> + {%- endfor %} + </Identification> + <Status>{{ tracking._status }}</Status> + <Version>{{ tracking._version | join('.') }}</Version> + <RevisionHistory> + {%- for revision in tracking._history %} + <Revision> + <Number>{{ revision._number | join('.') }}</Number> + <Date>{{ revision._date.isoformat() }}</Date> + <Description>{{ revision._description }}</Description> + </Revision> + {%- endfor %} + </RevisionHistory> + <InitialReleaseDate>{{ tracking._initialDate.isoformat() }}</InitialReleaseDate> + <CurrentReleaseDate>{{ tracking._currentDate.isoformat() }}</CurrentReleaseDate> + {%- if tracking._generator %} + <Generator> + {%- with generator = tracking._generator %} + {%- if generator._engine %} + <Engine>{{ generator._engine }}</Engine> + {%- endif %} + {%- if generator._date %} + <Date>{{ generator._date.isoformat() }}</Date> + {%- endif %} + {%- endwith %} + </Generator> + {%- endif %} + </DocumentTracking> + {%- endwith %} + {%- if cvrf._notes %} + <DocumentNotes> + {%- for note in cvrf._notes %} + {{ Note(note) }} + {%- endfor %} + </DocumentNotes> + {%- endif %} + {%- if cvrf._distribution %} + <DocumentDistribution>{{ cvrf._distribution }}</DocumentDistribution> + {%- endif %} + {#- AggregateSeverity is missing #} + {%- if cvrf._references %} + <DocumentReferences> + {%- for reference in cvrf._references %} + <Reference{{ {'Type': reference._type} | xmlattr }}> + <URL>{{ reference._url }}</URL> + <Description>{{ reference._description }}</Description> + </Reference> + {%- endfor %} + </DocumentReferences> + {%- endif %} + {%- if cvrf._acknowledgments %} + <Acknowledgments> + {%- for acknowledgment in cvrf._acknowledgments %} + <Acknowledgment> + {%- if acknowledgment._name %} + <Name>{{ acknowledgment._name }}</Name> + {%- endif %} + {%- if acknowledgment._organization %} + <Organization>{{ acknowledgment._organization }}</Organization> + {%- endif %} + {%- if acknowledgment._description %} + <Description>{{ acknowledgment._description }}</Description> + {%- endif %} + {%- if acknowledgment._url %} + <URL>{{ acknowledgment._url }}</URL> + {%- endif %} + </Acknowledgment> + {%- endfor %} + </Acknowledgments> + {%- endif %} + {%- if cvrf._producttree %} + <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1"> + {%- with producttree = cvrf._producttree %} + {%- for branch in producttree._branches recursive %} + <Branch{{ {'Type': branch._type, 'Name': branch._name} | xmlattr }}> + {{- loop(branch._childs) }} + {{- FullProductNames(producttree, branch) }} + </Branch> + {%- endfor %} + {{ FullProductNames(producttree, producttree) }} + {%- for relationship in producttree._relationships -%} + <Relationship{{ {'ProductReference': relationship._productreference, 'RelationType': relationship._relationtype, 'RelatesToProductReference': relationship._relatestoproductreference} | xmlattr }}> + {{- FullProductNames(producttree, relationship) }} + </Relationship> + {%- endfor %} + {%- if producttree._groups %} + <ProductGroups> + {%- for group in producttree._groups %} + <Group{{ {'GroupID': group._id} | xmlattr }}> + {%- if group._description %} + <Description>{{ group._description }}</Description> + {%- endif %} + {%- for productid in group._productids %} + <ProductID>{{ productid }}</ProductID> + {%- endfor %} + </Group> + {%- endfor %} + </ProductGroups> + {%- endif %} + {%- endwith %} + </ProductTree> + {%- endif %} + {%- for vulnerability in cvrf._vulnerabilities %} + <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="{{ vulnerability._ordinal}}"> + {%- if vulnerability._title %} + <Title>{{ vulnerability._title }}</Title> + {%- endif %} + {%- if vulnerability._id %} + <ID SystemName="{{ vulnerability._id._systemname }}">{{ vulnerability._id._value }}</ID> + {%- endif %} + {%- if vulnerability._notes %} + <Notes> + {%- for note in vulnerability._notes %} + {{ Note(note) }} + {%- endfor %} + </Notes> + {%- endif %} + {%- if vulnerability._discoverydate %} + <DiscoveryDate>{{ vulnerability._discoverydate.isoformat() }}</DiscoveryDate> + {%- endif %} + {%- if vulnerability._releasedate %} + <ReleaseDate>{{ vulnerability._releasedate.isoformat() }}</ReleaseDate> + {%- endif %} + {%- if vulnerability._involvements %} + <Involvements> + {%- for involvement in vulnerability._involvements %} + <Involvement{{ {'Party': involvement._party, 'Status': involvement._status} | xmlattr }}> + {%- if involvement._description %} + <Description>{{ involvement._description }}</Description> + {%- endif %} + </Involvement> + {%- endfor %} + </Involvements> + {%- endif %} + {%- if vulnerability._cve %} + <CVE>{{ vulnerability._cve }}</CVE> + {%- endif %} + {%- for cwe in vulnerability._cwes %} + <CWE ID="{{ cwe._id }}">{{ cwe._value }}</CWE> + {%- endfor %} + {%- if vulnerability._productstatuses %} + <ProductStatuses> + {%- for status in vulnerability._productstatuses %} + <Status Type="{{ status._type }}"> + {%- for productid in status._productids %} + <ProductID>{{ productid }}</ProductID> + {%- endfor %} + </Status> + {%- endfor %} + </ProductStatuses> + {%- endif %} + {%- if vulnerability._cvsss %} + <CVSSScoreSets> + {%- for cvss in vulnerability._cvsss %} + <ScoreSet> + <BaseScore>{{ cvss._basescore }}</BaseScore> + {%- if cvss._temporalscore %} + <TemporalScore>{{ cvss._temporalscore }}</TemporalScore> + {%- endif %} + {%- if cvss._environmentalscore %} + <EnvironmentalScore>{{ cvss._environmentalscore }}</EnvironmentalScore> + {%- endif %} + {%- if cvss._vector %} + <Vector>{{ cvss._vector }}</Vector> + {%- endif %} + {%- for productid in cvss._productids %} + <ProductID>{{productid}}</ProductID> + {%- endfor %} + </ScoreSet> + {%- endfor %} + </CVSSScoreSets> + {%- endif %} + {%- if vulnerability._remediations %} + <Remediations> + {%- for remediation in vulnerability._remediations %} + <Remediation Type="{{ remediation._type }}"{% if remediation._date %} Date="{{ remediation._date.isoformat() }}"{% endif %}> + <Description>{{ remediation._description }}</Description> + {%- if remediation._entitlement %} + <Entitlement>{{ remediation._entitlement }}</Entitlement> + {%- endif %} + {%- if remediation._url %} + <URL>{{ remediation._url }}</URL> + {%- endif %} + {%- for productid in remediation._productids %} + <ProductID>{{ productid }}</ProductID> + {%- endfor %} + {%- for groupid in remediation._groupids %} + <GroupID>{{ groupid }}</GroupID> + {%- endfor %} + </Remediation> + {%- endfor %} + </Remediations> + {%- endif %} + </Vulnerability> + {%- endfor %} +</cvrfdoc>