view farolluz/templates/cvrf.j2 @ 1:d47e1164740f

Add support for AggregateSeverity
author Benoît Allard <benoit.allard@greenbone.net>
date Wed, 24 Sep 2014 08:26:56 +0200
parents e18b61a73a68
children c5cf387b5785
line wrap: on
line source
{#
# Description:
# Template for generation of CVRF documents
#
# Authors:
# BenoƮt Allard <benoit.allard@greenbone.net>
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
-#}

<?xml version="1.0" encoding="utf-8"?>

{#- Some macros for producttree generation #}
{%- macro FullProductNames(producttree, parent) %}
  {%- for product in producttree._products %}
    {%- if product._parent is sameas parent %}
      <FullProductName{{ {'ProductID': product._productid, 'CPE': product._cpe} | xmlattr }}>
        {{- product._name -}}
      </FullProductName>
    {%- endif %}
  {%- endfor %}
{%- endmacro %}

{%- macro Note(note) -%}
  <Note{{ {'Type': note._type, 'Ordinal': note._ordinal, 'Title': note._title, 'Audience': note._audience} | xmlattr }}>
    {{- note._note | escape -}}
  </Note>
{%- endmacro %}
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1">
  <DocumentTitle>{{ cvrf._title }}</DocumentTitle>
  <DocumentType>{{ cvrf._type }}</DocumentType>
  {%- with publisher = cvrf._publisher %}
  <DocumentPublisher{{ {'Type': publisher._type, 'VendorID': publisher._vendorid} | xmlattr }}>
    {%- if publisher._contact %}
    <ContactDetails>{{ publisher._contact }}</ContactDetails>
    {%- endif %}
    {%- if publisher._authority %}
    <IssuingAuthority>{{ publisher._authority }}</IssuingAuthority>
    {%- endif %}
  </DocumentPublisher>
  {%- endwith %}
  {%- with tracking = cvrf._tracking %}
  <DocumentTracking>
    <Identification>
      <ID>{{ tracking._identification._id }}</ID>
      {%- for alias in tracking._identification._aliases %}
      <Alias>{{ alias }}</Alias>
      {%- endfor %}
    </Identification>
    <Status>{{ tracking._status }}</Status>
    <Version>{{ tracking._version | join('.') }}</Version>
    <RevisionHistory>
      {%- for revision in tracking._history %}
      <Revision>
        <Number>{{ revision._number | join('.') }}</Number>
        <Date>{{ revision._date.isoformat() }}</Date>
        <Description>{{ revision._description }}</Description>
      </Revision>
      {%- endfor %}
    </RevisionHistory>
    <InitialReleaseDate>{{ tracking._initialDate.isoformat() }}</InitialReleaseDate>
    <CurrentReleaseDate>{{ tracking._currentDate.isoformat() }}</CurrentReleaseDate>
    {%- if tracking._generator %}
    <Generator>
    {%- with generator = tracking._generator %}
      {%- if generator._engine %}
      <Engine>{{ generator._engine }}</Engine>
      {%- endif %}
      {%- if generator._date %}
      <Date>{{ generator._date.isoformat() }}</Date>
      {%- endif %}
    {%- endwith %}
    </Generator>
    {%- endif %}
  </DocumentTracking>
  {%- endwith %}
  {%- if cvrf._notes %}
  <DocumentNotes>
    {%- for note in cvrf._notes %}
    {{ Note(note) }}
    {%- endfor %}
  </DocumentNotes>
  {%- endif %}
  {%- if cvrf._distribution %}
  <DocumentDistribution>{{ cvrf._distribution }}</DocumentDistribution>
  {%- endif %}
  {%- if cvrf._aggregateseverity %}
  <AggregateSeverity{{ {'Namespace': cvrf._aggregateseverity._namespace} | xmlattr }}>
    {{- cvrf._aggregateseverity._severity -}}
  </AggregateSeverity>
  {%- endif %}
  {%- if cvrf._references %}
  <DocumentReferences>
    {%- for reference in cvrf._references %}
    <Reference{{ {'Type': reference._type} | xmlattr }}>
      <URL>{{ reference._url }}</URL>
      <Description>{{ reference._description }}</Description>
    </Reference>
    {%- endfor %}
  </DocumentReferences>
  {%- endif %}
  {%- if cvrf._acknowledgments %}
  <Acknowledgments>
    {%- for acknowledgment in cvrf._acknowledgments %}
    <Acknowledgment>
      {%- if acknowledgment._name %}
      <Name>{{ acknowledgment._name }}</Name>
      {%- endif %}
      {%- if acknowledgment._organization %}
      <Organization>{{ acknowledgment._organization }}</Organization>
      {%- endif %}
      {%- if acknowledgment._description %}
      <Description>{{ acknowledgment._description }}</Description>
      {%- endif %}
      {%- if acknowledgment._url %}
      <URL>{{ acknowledgment._url }}</URL>
      {%- endif %}
    </Acknowledgment>
    {%- endfor %}
  </Acknowledgments>
  {%- endif %}
  {%- if cvrf._producttree %}
  <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
  {%- with producttree = cvrf._producttree %}
    {%- for branch in producttree._branches recursive %}
    <Branch{{ {'Type': branch._type, 'Name': branch._name} | xmlattr }}>
      {{- loop(branch._childs) }}
      {{- FullProductNames(producttree, branch) }}
    </Branch>
    {%- endfor %}
    {{ FullProductNames(producttree, producttree) }}
    {%- for relationship in producttree._relationships -%}
    <Relationship{{ {'ProductReference': relationship._productreference, 'RelationType': relationship._relationtype, 'RelatesToProductReference': relationship._relatestoproductreference} | xmlattr }}>
      {{- FullProductNames(producttree, relationship) }}
    </Relationship>
    {%- endfor %}
    {%- if producttree._groups %}
    <ProductGroups>
      {%- for group in producttree._groups %}
      <Group{{ {'GroupID': group._id} | xmlattr }}>
        {%- if group._description %}
        <Description>{{ group._description }}</Description>
        {%- endif %}
        {%- for productid in group._productids %}
        <ProductID>{{ productid }}</ProductID>
        {%- endfor %}
      </Group>
      {%- endfor %}
    </ProductGroups>
    {%- endif %}
  {%- endwith %}
  </ProductTree>
  {%- endif %}
  {%- for vulnerability in cvrf._vulnerabilities %}
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="{{ vulnerability._ordinal}}">
    {%- if vulnerability._title %}
    <Title>{{ vulnerability._title }}</Title>
    {%- endif %}
    {%- if vulnerability._id %}
    <ID SystemName="{{ vulnerability._id._systemname }}">{{ vulnerability._id._value }}</ID>
    {%- endif %}
    {%- if vulnerability._notes %}
    <Notes>
      {%- for note in vulnerability._notes %}
      {{ Note(note) }}
      {%- endfor %}
    </Notes>
    {%- endif %}
    {%- if vulnerability._discoverydate %}
    <DiscoveryDate>{{ vulnerability._discoverydate.isoformat() }}</DiscoveryDate>
    {%- endif %}
    {%- if vulnerability._releasedate %}
    <ReleaseDate>{{ vulnerability._releasedate.isoformat() }}</ReleaseDate>
    {%- endif %}
    {%- if vulnerability._involvements %}
    <Involvements>
      {%- for involvement in vulnerability._involvements %}
      <Involvement{{ {'Party': involvement._party, 'Status': involvement._status} | xmlattr }}>
        {%- if involvement._description %}
        <Description>{{ involvement._description }}</Description>
        {%- endif %}
      </Involvement>
      {%- endfor %}
    </Involvements>
    {%- endif %}
    {%- if vulnerability._cve %}
    <CVE>{{ vulnerability._cve }}</CVE>
    {%- endif %}
    {%- for cwe in vulnerability._cwes %}
    <CWE ID="{{ cwe._id }}">{{ cwe._value }}</CWE>
    {%- endfor %}
    {%- if vulnerability._productstatuses %}
    <ProductStatuses>
      {%- for status in vulnerability._productstatuses %}
      <Status Type="{{ status._type }}">
        {%- for productid in status._productids %}
        <ProductID>{{ productid }}</ProductID>
        {%- endfor %}
      </Status>
      {%- endfor %}
    </ProductStatuses>
    {%- endif %}
    {%- if vulnerability._cvsss %}
    <CVSSScoreSets>
      {%- for cvss in vulnerability._cvsss %}
      <ScoreSet>
        <BaseScore>{{ cvss._basescore }}</BaseScore>
        {%- if cvss._temporalscore %}
        <TemporalScore>{{ cvss._temporalscore }}</TemporalScore>
        {%- endif %}
        {%- if cvss._environmentalscore %}
        <EnvironmentalScore>{{ cvss._environmentalscore }}</EnvironmentalScore>
        {%- endif %}
        {%- if cvss._vector %}
        <Vector>{{ cvss._vector }}</Vector>
        {%- endif %}
        {%- for productid in cvss._productids %}
        <ProductID>{{productid}}</ProductID>
        {%- endfor %}
      </ScoreSet>
      {%- endfor %}
    </CVSSScoreSets>
    {%- endif %}
    {%- if vulnerability._remediations %}
    <Remediations>
      {%- for remediation in vulnerability._remediations %}
      <Remediation Type="{{ remediation._type }}"{% if remediation._date %} Date="{{ remediation._date.isoformat() }}"{% endif %}>
        <Description>{{ remediation._description }}</Description>
        {%- if remediation._entitlement %}
        <Entitlement>{{ remediation._entitlement }}</Entitlement>
        {%- endif %}
        {%- if remediation._url %}
        <URL>{{ remediation._url }}</URL>
        {%- endif %}
        {%- for productid in remediation._productids %}
        <ProductID>{{ productid }}</ProductID>
        {%- endfor %}
        {%- for groupid in remediation._groupids %}
        <GroupID>{{ groupid }}</GroupID>
        {%- endfor %}
      </Remediation>
      {%- endfor %}
    </Remediations>
    {%- endif %}
  </Vulnerability>
  {%- endfor %}
</cvrfdoc>
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)