Mercurial > farol > farolluz
view farolluz/templates/cvrf.j2 @ 11:91d2a97f8bb4
Add some missing elements in the CVRF generation
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 08 Oct 2014 12:46:45 +0200 |
| parents | 7998a57c9b48 |
| children | 858d8c0b49e2 |
line wrap: on
line source
{# # Description: # Template for generation of CVRF documents # # Authors: # BenoƮt Allard <benoit.allard@greenbone.net> # # Copyright: # Copyright (C) 2014 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -#} <?xml version="1.0" encoding="utf-8"?> {#- A macro for producttree generation #} {%- macro FullProductNames(producttree, parent) %} {%- for product in producttree._products %} {%- if product._parent is sameas parent %} <FullProductName{{ {'ProductID': product._productid, 'CPE': product._cpe} | xmlattr }}> {{- product._name -}} </FullProductName> {%- endif %} {%- endfor %} {%- endmacro %} {#- Some macros about more generic types #} {%- macro Note(note) -%} <Note{{ {'Type': note._type, 'Ordinal': note._ordinal, 'Title': note._title, 'Audience': note._audience} | xmlattr }}> {{- note._note | escape -}} </Note> {%- endmacro -%} {%- macro Reference(reference) -%} <Reference{{ {'Type': reference._type} | xmlattr }}> <URL>{{ reference._url }}</URL> <Description>{{ reference._description }}</Description> </Reference> {%- endmacro -%} {%- macro Acknowledgment(acknowledgment) -%} <Acknowledgment> {%- for name in acknowledgment._names %} <Name>{{ name }}</Name> {%- endfor %} {%- for organization in acknowledgment._organizations %} <Organization>{{ organization }}</Organization> {%- endfor %} {%- if acknowledgment._description %} <Description>{{ acknowledgment._description }}</Description> {%- endif %} {%- if acknowledgment._url %} <URL>{{ acknowledgment._url }}</URL> {%- endif %} </Acknowledgment> {%- endmacro -%} <cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1"> <DocumentTitle>{{ cvrf._title }}</DocumentTitle> <DocumentType>{{ cvrf._type }}</DocumentType> {%- with publisher = cvrf._publisher %}{% if publisher %} <DocumentPublisher{{ {'Type': publisher._type, 'VendorID': publisher._vendorid} | xmlattr }}> {%- if publisher._contact %} <ContactDetails>{{ publisher._contact }}</ContactDetails> {%- endif %} {%- if publisher._authority %} <IssuingAuthority>{{ publisher._authority }}</IssuingAuthority> {%- endif %} </DocumentPublisher> {%- endif %}{% endwith %} {%- with tracking = cvrf._tracking %}{% if tracking %} <DocumentTracking> <Identification> <ID>{{ tracking._identification._id }}</ID> {%- for alias in tracking._identification._aliases %} <Alias>{{ alias }}</Alias> {%- endfor %} </Identification> <Status>{{ tracking._status }}</Status> <Version>{{ tracking._version | join('.') }}</Version> <RevisionHistory> {%- for revision in tracking._history %} <Revision> <Number>{{ revision._number | join('.') }}</Number> <Date>{{ revision._date.isoformat() }}</Date> <Description>{{ revision._description }}</Description> </Revision> {%- endfor %} </RevisionHistory> <InitialReleaseDate>{{ tracking._initialDate.isoformat() }}</InitialReleaseDate> <CurrentReleaseDate>{{ tracking._currentDate.isoformat() }}</CurrentReleaseDate> {%- if tracking._generator %} <Generator> {%- with generator = tracking._generator %} {%- if generator._engine %} <Engine>{{ generator._engine }}</Engine> {%- endif %} {%- if generator._date %} <Date>{{ generator._date.isoformat() }}</Date> {%- endif %} {%- endwith %} </Generator> {%- endif %} </DocumentTracking> {%- endif %}{% endwith %} {%- if cvrf._notes %} <DocumentNotes> {%- for note in cvrf._notes %} {{ Note(note) }} {%- endfor %} </DocumentNotes> {%- endif %} {%- if cvrf._distribution %} <DocumentDistribution>{{ cvrf._distribution }}</DocumentDistribution> {%- endif %} {%- if cvrf._aggregateseverity %} <AggregateSeverity{{ {'Namespace': cvrf._aggregateseverity._namespace} | xmlattr }}> {{- cvrf._aggregateseverity._severity -}} </AggregateSeverity> {%- endif %} {%- if cvrf._references %} <DocumentReferences> {%- for reference in cvrf._references %} {{ Reference(reference) }} {%- endfor %} </DocumentReferences> {%- endif %} {%- if cvrf._acknowledgments %} <Acknowledgments> {%- for acknowledgment in cvrf._acknowledgments %} {{ Acknowledgment(acknowledgment) }} {%- endfor %} </Acknowledgments> {%- endif %} {%- if cvrf._producttree %} <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1"> {%- with producttree = cvrf._producttree %} {%- for branch in producttree._branches recursive %} <Branch{{ {'Type': branch._type, 'Name': branch._name} | xmlattr }}> {{- loop(branch._childs) }} {{- FullProductNames(producttree, branch) }} </Branch> {%- endfor %} {{ FullProductNames(producttree, producttree) }} {%- for relationship in producttree._relationships -%} <Relationship{{ {'ProductReference': relationship._productreference, 'RelationType': relationship._relationtype, 'RelatesToProductReference': relationship._relatestoproductreference} | xmlattr }}> {{- FullProductNames(producttree, relationship) }} </Relationship> {%- endfor %} {%- if producttree._groups %} <ProductGroups> {%- for group in producttree._groups %} <Group{{ {'GroupID': group._id} | xmlattr }}> {%- if group._description %} <Description>{{ group._description }}</Description> {%- endif %} {%- for productid in group._productids %} <ProductID>{{ productid }}</ProductID> {%- endfor %} </Group> {%- endfor %} </ProductGroups> {%- endif %} {%- endwith %} </ProductTree> {%- endif %} {%- for vulnerability in cvrf._vulnerabilities %} <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="{{ vulnerability._ordinal}}"> {%- if vulnerability._title %} <Title>{{ vulnerability._title }}</Title> {%- endif %} {%- if vulnerability._id %} <ID SystemName="{{ vulnerability._id._systemname }}">{{ vulnerability._id._value }}</ID> {%- endif %} {%- if vulnerability._notes %} <Notes> {%- for note in vulnerability._notes %} {{ Note(note) }} {%- endfor %} </Notes> {%- endif %} {%- if vulnerability._discoverydate %} <DiscoveryDate>{{ vulnerability._discoverydate.isoformat() }}</DiscoveryDate> {%- endif %} {%- if vulnerability._releasedate %} <ReleaseDate>{{ vulnerability._releasedate.isoformat() }}</ReleaseDate> {%- endif %} {%- if vulnerability._involvements %} <Involvements> {%- for involvement in vulnerability._involvements %} <Involvement{{ {'Party': involvement._party, 'Status': involvement._status} | xmlattr }}> {%- if involvement._description %} <Description>{{ involvement._description }}</Description> {%- endif %} </Involvement> {%- endfor %} </Involvements> {%- endif %} {%- if vulnerability._cve %} <CVE>{{ vulnerability._cve }}</CVE> {%- endif %} {%- for cwe in vulnerability._cwes %} <CWE ID="{{ cwe._id }}">{{ cwe._value }}</CWE> {%- endfor %} {%- if vulnerability._productstatuses %} <ProductStatuses> {%- for status in vulnerability._productstatuses %} <Status Type="{{ status._type }}"> {%- for productid in status._productids %} <ProductID>{{ productid }}</ProductID> {%- endfor %} </Status> {%- endfor %} </ProductStatuses> {%- endif %} {%- if vulnerability._threats %} <Threats> {%- for threat in vulnerability._threats %} <Threat Type="{{ threat._type }}"{{ ' Date="%s"' % threat._date.isoformat() if threat._date }}> <Description>{{ threat._description }}</Description> {%- for productid in threat._productids %} <ProductID>{{ productid }}</ProductID> {%- endfor %} {%- for groupid in threat._groupids %} <GroupID>{{ groupid }}</GroupID> {%- endfor %} </Threat> {%- endfor %} </Threats> {%- endif %} {%- if vulnerability._cvsss %} <CVSSScoreSets> {%- for cvss in vulnerability._cvsss %} <ScoreSet> <BaseScore>{{ cvss._basescore }}</BaseScore> {%- if cvss._temporalscore %} <TemporalScore>{{ cvss._temporalscore }}</TemporalScore> {%- endif %} {%- if cvss._environmentalscore %} <EnvironmentalScore>{{ cvss._environmentalscore }}</EnvironmentalScore> {%- endif %} {%- if cvss._vector %} <Vector>{{ cvss._vector }}</Vector> {%- endif %} {%- for productid in cvss._productids %} <ProductID>{{ productid }}</ProductID> {%- endfor %} </ScoreSet> {%- endfor %} </CVSSScoreSets> {%- endif %} {%- if vulnerability._remediations %} <Remediations> {%- for remediation in vulnerability._remediations %} <Remediation Type="{{ remediation._type }}"{% if remediation._date %} Date="{{ remediation._date.isoformat() }}"{% endif %}> <Description>{{ remediation._description }}</Description> {%- if remediation._entitlement %} <Entitlement>{{ remediation._entitlement }}</Entitlement> {%- endif %} {%- if remediation._url %} <URL>{{ remediation._url }}</URL> {%- endif %} {%- for productid in remediation._productids %} <ProductID>{{ productid }}</ProductID> {%- endfor %} {%- for groupid in remediation._groupids %} <GroupID>{{ groupid }}</GroupID> {%- endfor %} </Remediation> {%- endfor %} </Remediations> {%- endif %} {%- if vulnerability._references %} <References> {%- for reference in vulnerability._references %} {{ Reference(reference) }} {%- endfor %} </References> {%- endif %} {%- if vulnerability._acknowledgments %} <Acknowledgments> {%- for acknowledgment in vulnerability._acknowledgments %} {{ Acknowledgment(acknowledgment) }} {%- endfor %} </Acknowledgments> {%- endif %} </Vulnerability> {%- endfor %} </cvrfdoc>