Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Editor revision for TC meeting 2024-11-27 #839

Open
wants to merge 59 commits into
base: master
Choose a base branch
from
Open

Editor revision for TC meeting 2024-11-27 #839

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
59 commits
Select commit Hold shift + click to select a range
72917c1
Editor Revision 2024-11-27
tschmidtb51 Nov 4, 2024
64c4af2
Sharing Groups
tschmidtb51 Nov 4, 2024
f7f2e15
Merge pull request #822 from tschmidtb51/editorial-2024-11-27
tschmidtb51 Nov 6, 2024
60a460b
Sharing Groups
tschmidtb51 Nov 18, 2024
02ae5ba
Sharing Groups
tschmidtb51 Nov 18, 2024
71bbbd2
Sharing Groups
tschmidtb51 Nov 18, 2024
077fc24
Sharing Groups
tschmidtb51 Nov 18, 2024
3487dad
Sharing Groups
tschmidtb51 Nov 18, 2024
dcee34c
Sharing Groups
tschmidtb51 Nov 18, 2024
c027e19
Sharing Groups
tschmidtb51 Nov 18, 2024
0d98fc4
Sharing Groups
tschmidtb51 Nov 18, 2024
38d97ce
Sharing Groups
tschmidtb51 Nov 18, 2024
34cd7ba
Sharing Groups
tschmidtb51 Nov 18, 2024
025eed0
Sharing Groups
tschmidtb51 Nov 18, 2024
cc06295
Sharing Groups
tschmidtb51 Nov 18, 2024
a7ace02
Sharing Groups
tschmidtb51 Nov 18, 2024
c3459bd
Sharing Groups
tschmidtb51 Nov 18, 2024
325ef97
Sharing Groups
tschmidtb51 Nov 18, 2024
8d44416
Editorial
tschmidtb51 Nov 18, 2024
33da68c
Editorial
tschmidtb51 Nov 18, 2024
611e797
Test 6.1.31
tschmidtb51 Nov 18, 2024
9458e49
Test 6.1.31
tschmidtb51 Nov 18, 2024
ef42155
ASCII armored OpenPGP
tschmidtb51 Nov 18, 2024
526a890
Rephrase word to list of words
tschmidtb51 Nov 19, 2024
f090e06
Changes.csv
tschmidtb51 Nov 20, 2024
15a2caf
Example values should be sorted
sthagen Nov 20, 2024
9a4fe44
Merge pull request #827 from tschmidtb51/test-6-1-31
tschmidtb51 Nov 21, 2024
739dfb3
Merge pull request #833 from oasis-tcs/master
tschmidtb51 Nov 23, 2024
ca1f51e
Date-time
tschmidtb51 Nov 23, 2024
a231be0
Date-time
tschmidtb51 Nov 23, 2024
5b99dc3
Date-time
tschmidtb51 Nov 23, 2024
d8fd250
Merge pull request #834 from tschmidtb51/date-time
tschmidtb51 Nov 25, 2024
bbf7729
Merge pull request #830 from tschmidtb51/changes-csv
santosomar Nov 27, 2024
b60af3d
Merge pull request #829 from tschmidtb51/clarify-openpgp
santosomar Nov 27, 2024
ba60e10
Clarify Inclusion of Open Source
tschmidtb51 Nov 29, 2024
6d11200
Nit: lower case general terms and clarify listing
sthagen Nov 29, 2024
b339fc6
Restored binding of including
sthagen Nov 29, 2024
034746b
Merge pull request #837 from tschmidtb51/editorial-2024-11-27
tschmidtb51 Dec 2, 2024
e20ba3b
Editor Revision 2024-11-27
tschmidtb51 Nov 4, 2024
a8d58d5
Test 6.1.31
tschmidtb51 Nov 18, 2024
b03b348
Test 6.1.31
tschmidtb51 Nov 18, 2024
14beb9d
Rephrase word to list of words
tschmidtb51 Nov 19, 2024
95d37cb
Date-time
tschmidtb51 Nov 23, 2024
9b35b83
Date-time
tschmidtb51 Dec 2, 2024
fe86df1
Date-time
tschmidtb51 Nov 23, 2024
78023c3
Changes.csv
tschmidtb51 Nov 20, 2024
58565c0
ASCII armored OpenPGP
tschmidtb51 Nov 18, 2024
1f9211a
Clarify Inclusion of Open Source
tschmidtb51 Nov 29, 2024
73520e9
Nit: lower case general terms and clarify listing
sthagen Nov 29, 2024
bf252ef
Restored binding of including
sthagen Nov 29, 2024
6a6df78
Date-time
tschmidtb51 Dec 2, 2024
a4fdcc9
Merge branch 'editor-revision-2024-11-27' into sharing-groups
tschmidtb51 Dec 2, 2024
a7ef22e
Merge pull request #826 from tschmidtb51/sharing-groups
tschmidtb51 Dec 2, 2024
c4ef71d
Document-technical edits and delivery items
sthagen Dec 3, 2024
79aa1a1
Editor Revision 2024-11-27
tschmidtb51 Dec 16, 2024
d8c9ddc
Editor Revision 2024-11-27
tschmidtb51 Dec 16, 2024
00e5c05
Editor Revision 2024-11-27
tschmidtb51 Dec 16, 2024
252e44c
Editor Revision 2024-11-27
tschmidtb51 Dec 16, 2024
0c478eb
Merge pull request #846 from tschmidtb51/editor-revision-2024-11-27
tschmidtb51 Dec 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions csaf_2.1/json_schema/csaf_json_schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -581,6 +581,37 @@
"tlp"
],
"properties": {
"sharing_group": {
"title": "Sharing Group",
"description": "Contains information about the group this document is intended to be shared with.",
"type": "object",
"required": [
"id"
],
"properties": {
"id": {
"title": "Sharing Group ID",
"description": "Provides the unique ID for the sharing group.",
"type": "string",
"format": "uuid",
"pattern": "^(([0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[0-9a-f]{4}-[0-9a-f]{12})|([0]{8}-([0]{4}-){3}[0]{12})|([f]{8}-([f]{4}-){3}[f]{12}))$"
},
"name": {
"title": "Sharing Group Name",
"description": "Contains a human-readable name for the sharing group.",
"type": "string",
"minLength": 1,
"examples": [
"Customer A",
"ISAC members",
"NIS2 regulated important entities in Germany, sector water",
"Pre-Sharing group for advisory discussion",
"Users of Product A",
"US Federal Civilian Authorities"
]
}
}
},
"text": {
"title": "Textual description",
"description": "Provides a textual description of additional constraints.",
Expand Down
5 changes: 5 additions & 0 deletions csaf_2.1/prose/edit/etc/bind.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,11 @@ tests-01-mndtr-33-multiple-flags-with-vex-justification-codes-per-product.md
tests-01-mndtr-34-branches-recursion-depth.md
tests-01-mndtr-35-contradicting-remediations.md
tests-01-mndtr-36-contradicting-product-status-remediation-combination.md
tests-01-mndtr-37-date-and-time.md
tests-01-mndtr-38-non-public-sharing-group-with-max-uuid.md
tests-01-mndtr-39-public-sharing-group-with-no-max-uuid.md
tests-01-mndtr-40-invalid-sharing-group-name.md
tests-01-mndtr-41-missing-sharing-group-name.md
tests-02-optional.md
tests-03-informative.md
distributing.md
Expand Down
259 changes: 134 additions & 125 deletions csaf_2.1/prose/edit/etc/example-global-to-local.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,130 +31,139 @@
"29": "version-type-semantic-versioning-eg-6",
"30": "document-property-aggregate-severity-eg-1",
"31": "document-property-category-eg-1",
"32": "document-property-distribution-text-eg-1",
"33": "document-property-distribution-tlp-eg-1",
"34": "document-property-publisher-contact-details-eg-1",
"35": "document-property-publisher-name-eg-1",
"36": "document-property-publisher-namespace-eg-1",
"37": "document-property-title-eg-1",
"38": "document-property-tracking-aliases-eg-1",
"39": "document-property-tracking-generator-eg-1",
"40": "document-property-tracking-generator-eg-2",
"41": "document-property-tracking-id-eg-1",
"42": "product-tree-property-product-groups-eg-1",
"43": "product-tree-property-relationships-eg-1",
"44": "vulnerabilities-property-cwes-eg-1",
"45": "vulnerabilities-property-cwes-eg-2",
"46": "vulnerabilities-property-cwes-eg-3",
"47": "vulnerabilities-property-ids-eg-1",
"48": "vulnerabilities-property-ids-eg-2",
"49": "filename-eg-1",
"50": "filename-eg-2",
"51": "missing-definition-of-product-id-eg-1",
"52": "multiple-definition-of-product-id-eg-1",
"53": "circular-definition-of-product-id-eg-1",
"54": "missing-definition-of-product-group-id-eg-1",
"55": "multiple-definition-of-product-group-id-eg-1",
"56": "contradicting-product-status-eg-1",
"57": "multiple-scores-with-same-version-per-product-eg-1",
"58": "invalid-cvss-eg-1",
"59": "invalid-cvss-computation-eg-1",
"60": "inconsistent-cvss-eg-1",
"61": "cwe-eg-1",
"62": "language-eg-1",
"63": "purl-eg-1",
"64": "sorted-revision-history-eg-1",
"65": "translator-eg-1",
"66": "latest-document-version-eg-1",
"67": "document-status-draft-eg-1",
"68": "released-revision-history-eg-1",
"69": "revision-history-entries-for-pre-release-versions-eg-1",
"70": "non-draft-document-version-eg-1",
"71": "missing-item-in-revision-history-eg-1",
"72": "multiple-definition-in-revision-history-eg-1",
"73": "multiple-use-of-same-cve-eg-1",
"74": "multiple-definition-in-involvements-eg-1",
"75": "multiple-use-of-same-hash-algorithm-eg-1",
"76": "prohibited-document-category-name-eg-1",
"77": "prohibited-document-category-name-eg-2",
"78": "document-notes-eg-1",
"79": "document-references-eg-1",
"80": "vulnerabilities-for-informational-advisory-eg-1",
"81": "product-tree-eg-1",
"82": "vulnerability-notes-eg-1",
"83": "product-status-eg-1",
"84": "vex-product-status-eg-1",
"85": "vulnerability-id-eg-1",
"86": "impact-statement-eg-1",
"87": "action-statement-eg-1",
"88": "vulnerabilities-for-security-advisory-or-vex-eg-1",
"89": "translation-eg-1",
"90": "remediation-without-product-reference-eg-1",
"91": "mixed-integer-and-semantic-versioning-eg-1",
"92": "version-range-in-product-version-eg-1",
"93": "flag-without-product-reference-eg-1",
"94": "multiple-flags-with-vex-justification-codes-per-product-eg-1",
"95": "mandatory-tests--branches-recursion-depth-eg-1",
"96": "contradicting-remediations-eg-1",
"97": "contradicting-product-status-remediation-combination-eg-1",
"32": "document-property-distribution-eg-1",

"98": "unused-definition-of-product-id-eg-1",
"99": "missing-remediation-eg-1",
"100": "missing-metric-eg-1",
"101": "build-metadata-in-revision-history-eg-1",
"102": "older-initial-release-date-than-revision-history-eg-1",
"103": "older-current-release-date-than-revision-history-eg-1",
"104": "missing-date-in-involvements-eg-1",
"105": "use-of-md5-as-the-only-hash-algorithm-eg-1",
"106": "use-of-sha-1-as-the-only-hash-algorithm-eg-1",
"107": "missing-tlp-label-eg-1",
"108": "missing-canonical-url-eg-1",
"109": "missing-document-language-eg-1",
"110": "optional-tests--sorting-eg-1",
"111": "use-of-private-language-eg-1",
"112": "use-of-default-language-eg-1",
"113": "missing-product-identification-helper-eg-1",
"114": "cve-in-field-ids-eg-1",
"115": "product-version-range-without-vers-eg-1",
"116": "cvss-for-fixed-products-eg-1",
"117": "additional-properties-eg-1",
"118": "same-timestamps-in-revision-history-eg-1",
"119": "document-tracking-id-in-title-eg-1",
"120": "usage-of-deprecated-cwe-eg-1",
"121": "usage-of-non-latest-cwe-version-eg-1",
"122": "usage-of-cwe-not-allowed-for-vulnerability-mapping-eg-1",
"123": "usage-of-cwe-allowed-with-review-for-vulnerability-mapping-eg-1",
"124": "discouraged-product-status-remediation-combination-eg-1",
"125": "use-of-cvss-v2-as-the-only-scoring-system-eg-1",
"126": "use-of-cvss-v3-0-eg-1",
"127": "missing-cve-eg-1",
"128": "missing-cwe-eg-1",
"129": "use-of-short-hash-eg-1",
"130": "use-of-non-self-referencing-urls-failing-to-resolve-eg-1",
"131": "use-of-self-referencing-urls-failing-to-resolve-eg-1",
"132": "spell-check-eg-1",
"133": "branch-categories-eg-1",
"134": "usage-of-product-version-range-eg-1",
"135": "usage-of-v-as-version-indicator-eg-1",
"136": "missing-cvss-v4-0-eg-1",
"137": "requirement-7-provider-metadata-json-eg-1",
"138": "requirement-8-security-txt-eg-1",
"139": "requirement-9-well-known-url-for-provider-metadata-json-eg-1",
"140": "requirement-11-one-folder-per-year-eg-1",
"141": "requirement-12-index-txt-eg-1",
"142": "requirement-13-changes-csv-eg-1",
"143": "requirement-15-rolie-feed-eg-1",
"144": "requirement-16-rolie-service-document-eg-1",
"145": "requirement-17-rolie-category-document-eg-1",
"146": "requirement-17-rolie-category-document-eg-2",
"147": "requirement-17-rolie-category-document-eg-3",
"148": "requirement-18-integrity-eg-1",
"149": "requirement-18-integrity-eg-2",
"150": "requirement-19-signatures-eg-1",
"151": "requirement-21-list-of-csaf-providers-eg-1",
"152": "requirement-23-mirror-eg-1",
"153": "conformance-clause-5-cvrf-csaf-converter-eg-1",
"154": "conformance-clause-5-cvrf-csaf-converter-eg-2",
"155": "conformance-clause-5-cvrf-csaf-converter-eg-3",
"156": "conformance-clause-5-cvrf-csaf-converter-eg-4"
"33": "document-property-distribution-text-eg-1",
"34": "document-property-distribution-tlp-eg-1",
"35": "document-property-publisher-contact-details-eg-1",
"36": "document-property-publisher-name-eg-1",
"37": "document-property-publisher-namespace-eg-1",
"38": "document-property-title-eg-1",
"39": "document-property-tracking-aliases-eg-1",
"40": "document-property-tracking-generator-eg-1",
"41": "document-property-tracking-generator-eg-2",
"42": "document-property-tracking-id-eg-1",
"43": "product-tree-property-product-groups-eg-1",
"44": "product-tree-property-relationships-eg-1",
"45": "vulnerabilities-property-cwes-eg-1",
"46": "vulnerabilities-property-cwes-eg-2",
"47": "vulnerabilities-property-cwes-eg-3",
"48": "vulnerabilities-property-ids-eg-1",
"49": "vulnerabilities-property-ids-eg-2",
"50": "filename-eg-1",
"51": "filename-eg-2",
"52": "missing-definition-of-product-id-eg-1",
"53": "multiple-definition-of-product-id-eg-1",
"54": "circular-definition-of-product-id-eg-1",
"55": "missing-definition-of-product-group-id-eg-1",
"56": "multiple-definition-of-product-group-id-eg-1",
"57": "contradicting-product-status-eg-1",
"58": "multiple-scores-with-same-version-per-product-eg-1",
"59": "invalid-cvss-eg-1",
"60": "invalid-cvss-computation-eg-1",
"61": "inconsistent-cvss-eg-1",
"62": "cwe-eg-1",
"63": "language-eg-1",
"64": "purl-eg-1",
"65": "sorted-revision-history-eg-1",
"66": "translator-eg-1",
"67": "latest-document-version-eg-1",
"68": "document-status-draft-eg-1",
"69": "released-revision-history-eg-1",
"70": "revision-history-entries-for-pre-release-versions-eg-1",
"71": "non-draft-document-version-eg-1",
"72": "missing-item-in-revision-history-eg-1",
"73": "multiple-definition-in-revision-history-eg-1",
"74": "multiple-use-of-same-cve-eg-1",
"75": "multiple-definition-in-involvements-eg-1",
"76": "multiple-use-of-same-hash-algorithm-eg-1",
"77": "prohibited-document-category-name-eg-1",
"78": "prohibited-document-category-name-eg-2",
"79": "document-notes-eg-1",
"80": "document-references-eg-1",
"81": "vulnerabilities-for-informational-advisory-eg-1",
"82": "product-tree-eg-1",
"83": "vulnerability-notes-eg-1",
"84": "product-status-eg-1",
"85": "vex-product-status-eg-1",
"86": "vulnerability-id-eg-1",
"87": "impact-statement-eg-1",
"88": "action-statement-eg-1",
"89": "vulnerabilities-for-security-advisory-or-vex-eg-1",
"90": "translation-eg-1",
"91": "remediation-without-product-reference-eg-1",
"92": "mixed-integer-and-semantic-versioning-eg-1",
"93": "version-range-in-product-version-eg-1",
"94": "flag-without-product-reference-eg-1",
"95": "multiple-flags-with-vex-justification-codes-per-product-eg-1",
"96": "mandatory-tests--branches-recursion-depth-eg-1",
"97": "contradicting-remediations-eg-1",
"98": "contradicting-product-status-remediation-combination-eg-1",
"99": "mandatory-tests--date-and-time-eg-1",
"100": "non-public-sharing-group-with-max-uuid-eg-1",
"101": "public-sharing-group-with-no-max-uuid-eg-1",
"102": "invalid-sharing-group-name-eg-1",
"103": "missing-sharing-group-name-eg-1",
"104": "unused-definition-of-product-id-eg-1",
"105": "missing-remediation-eg-1",
"107": "missing-metric-eg-1",
"108": "build-metadata-in-revision-history-eg-1",
"109": "older-initial-release-date-than-revision-history-eg-1",
"110": "older-current-release-date-than-revision-history-eg-1",
"111": "missing-date-in-involvements-eg-1",
"112": "use-of-md5-as-the-only-hash-algorithm-eg-1",
"113": "use-of-sha-1-as-the-only-hash-algorithm-eg-1",
"114": "missing-tlp-label-eg-1",
"115": "missing-canonical-url-eg-1",
"116": "missing-document-language-eg-1",
"117": "optional-tests--sorting-eg-1",
"118": "use-of-private-language-eg-1",
"119": "use-of-default-language-eg-1",
"120": "missing-product-identification-helper-eg-1",
"121": "cve-in-field-ids-eg-1",
"122": "product-version-range-without-vers-eg-1",
"123": "cvss-for-fixed-products-eg-1",
"124": "additional-properties-eg-1",
"125": "same-timestamps-in-revision-history-eg-1",
"126": "document-tracking-id-in-title-eg-1",
"127": "usage-of-deprecated-cwe-eg-1",
"128": "usage-of-non-latest-cwe-version-eg-1",
"129": "usage-of-cwe-not-allowed-for-vulnerability-mapping-eg-1",
"130": "usage-of-cwe-allowed-with-review-for-vulnerability-mapping-eg-1",
"131": "discouraged-product-status-remediation-combination-eg-1",
"132": "usage-of-max-uuid-eg-1",
"133": "usage-of-nil-uuid-eg-1",
"134": "usage-of-sharing-group-on-tlp-clear-eg-1",
"135": "use-of-cvss-v2-as-the-only-scoring-system-eg-1",
"136": "use-of-cvss-v3-0-eg-1",
"137": "missing-cve-eg-1",
"138": "missing-cwe-eg-1",
"139": "use-of-short-hash-eg-1",
"140": "use-of-non-self-referencing-urls-failing-to-resolve-eg-1",
"141": "use-of-self-referencing-urls-failing-to-resolve-eg-1",
"142": "spell-check-eg-1",
"143": "branch-categories-eg-1",
"144": "usage-of-product-version-range-eg-1",
"145": "usage-of-v-as-version-indicator-eg-1",
"146": "missing-cvss-v4-0-eg-1",
"147": "requirement-7-provider-metadata-json-eg-1",
"148": "requirement-8-security-txt-eg-1",
"149": "requirement-9-well-known-url-for-provider-metadata-json-eg-1",
"150": "requirement-11-one-folder-per-year-eg-1",
"151": "requirement-12-index-txt-eg-1",
"152": "requirement-13-changes-csv-eg-1",
"153": "requirement-15-rolie-feed-eg-1",
"154": "requirement-16-rolie-service-document-eg-1",
"155": "requirement-17-rolie-category-document-eg-1",
"156": "requirement-17-rolie-category-document-eg-2",
"157": "requirement-17-rolie-category-document-eg-3",
"158": "requirement-18-integrity-eg-1",
"159": "requirement-18-integrity-eg-2",
"160": "requirement-19-signatures-eg-1",
"161": "requirement-21-list-of-csaf-providers-eg-1",
"162": "requirement-23-mirror-eg-1",
"163": "conformance-clause-5-cvrf-csaf-converter-eg-1",
"164": "conformance-clause-5-cvrf-csaf-converter-eg-2",
"165": "conformance-clause-5-cvrf-csaf-converter-eg-3",
"166": "conformance-clause-5-cvrf-csaf-converter-eg-4"
}
Loading
Loading