forked from OpenSCAP/openscap
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
enable cve compilation and add cve module to oscap tool
- Loading branch information
Showing
20 changed files
with
1,161 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,61 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!-- | ||
| == Model: Version 0-3 NetD | ||
| == Package: cce | ||
| --> | ||
| <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" | ||
| xmlns="http://scap.nist.gov/schema/cce/0.1" | ||
| xmlns:scap-core="http://scap.nist.gov/schema/scap-core/0.1" | ||
| targetNamespace="http://scap.nist.gov/schema/cce/0.1" | ||
| elementFormDefault="qualified" attributeFormDefault="unqualified" | ||
| version="0.1"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>CCE is at an early phase of adoption. This schema is a work in progress and is far from | ||
| final. Additional work with using CCEs in a practical setting is required.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:import namespace="http://scap.nist.gov/schema/scap-core/0.1" schemaLocation="scap-core_0.1.xsd"/> | ||
| <!-- ================================================== --> | ||
| <!-- ===== Simple Type Definitions --> | ||
| <!-- ================================================== --> | ||
| <xsd:simpleType name="cceNamePatternType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>The format for a CCE name is CCE-NNNNNNNNNNN, where NNNNNNNNNNN is a sequence number.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:restriction base="xsd:token"> | ||
| <xsd:pattern value="CCE-[1-9]\d{0,10}"/> | ||
| </xsd:restriction> | ||
| </xsd:simpleType> | ||
| <!-- ================================================== --> | ||
| <!-- ===== Complex Type Definitions --> | ||
| <!-- ================================================== --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <!-- CCE --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <xsd:complexType name="cceType"> | ||
| <xsd:sequence> | ||
| <xsd:element name="definition" type="xsd:string" minOccurs="0"/> | ||
| <xsd:element name="parameter" type="cceParameterType" minOccurs="0" maxOccurs="unbounded"/> | ||
| <xsd:element name="technical-mechanisms" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/> | ||
| <xsd:element name="references" type="scap-core:referenceType" minOccurs="0" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| <xsd:attribute name="id" type="cceNamePatternType" use="required"/> | ||
| </xsd:complexType> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <!-- CCE_Parameter --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <xsd:complexType name="cceParameterType"> | ||
| <xsd:sequence> | ||
| <xsd:element name="value" type="xsd:string" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| <xsd:attribute name="identifier" type="xsd:token"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>TODO: What does this identify?</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:attribute> | ||
| <xsd:attribute name="operator" type="xsd:token"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>TODO: should this be an enumeration?</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:attribute> | ||
| </xsd:complexType> | ||
| </xsd:schema> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <xsd:schema targetNamespace="http://cpe.mitre.org/language/2.0" xmlns:cpe="http://cpe.mitre.org/language/2.0" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xml="http://www.w3.org/XML/1998/namespace" elementFormDefault="qualified" attributeFormDefault="unqualified"> | ||
| <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">This XML Schema defines the CPE Language. An individual CPE Name addresses a single part of an actual system. To identify more complex platform types, there needs to be a way to combine different CPE Names using logical operators. For example, there may be a need to identify a platform with a particular operating system AND a certain application. The CPE Language exists to satisfy this need, enabling the CPE Name for the operating system to be combined with the CPE Name for the application. For more information, consult the CPE Specification document.</xsd:documentation> | ||
| <xsd:appinfo> | ||
| <schema>CPE Language</schema> | ||
| <author>Neal Ziring, Andrew Buttner</author> | ||
| <version>2.1</version> | ||
| <date>01/31/2008 09:00:00 AM</date> | ||
| </xsd:appinfo> | ||
| </xsd:annotation> | ||
| <!-- =============================================================================== --> | ||
| <!-- =============================================================================== --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:element name="platform-specification"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">This element is the root element of a CPE Language XML documents and therefore acts as a container for child platform definitions.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:complexType> | ||
| <xsd:sequence> | ||
| <xsd:element name="platform" type="cpe:PlatformType" minOccurs="1" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| </xsd:complexType> | ||
| <xsd:key name="platformKey"> | ||
| <xsd:selector xpath="cpe:platform"/> | ||
| <xsd:field xpath="@id"/> | ||
| </xsd:key> | ||
| </xsd:element> | ||
| <xsd:element name="logical-test" type="cpe:LogicalTestType"/> | ||
|
|
||
| <!-- =============================================================================== --> | ||
| <!-- ================================== PLATFORM ================================= --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:complexType name="PlatformType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">The platform element represents the description or qualifications of a particular IT platform type. The platform is defined by the logical-test child element. The id attribute holds a locally unique name for the platform. There is no defined format for this id, it just has to be unique to the containing language document.</xsd:documentation> | ||
| <xsd:documentation xml:lang="en">The optional title element may appear as a child to a platform element. It provides a human-readable title for it. To support uses intended for multiple languages, this element supports the ‘xml:lang’ attribute. At most one title element can appear for each language.</xsd:documentation> | ||
| <xsd:documentation xml:lang="en">The optional remark element may appear as a child of a platform element. It provides some additional description. Zero or more remark elements may appear. To support uses intended for multiple languages, this element supports the ‘xml:lang’ attribute. There can be multiple remarks for a single language.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:sequence> | ||
| <xsd:element name="title" type="cpe:TextType" minOccurs="0" maxOccurs="unbounded"/> | ||
| <xsd:element name="remark" type="cpe:TextType" minOccurs="0" maxOccurs="unbounded"/> | ||
| <xsd:element name="logical-test" type="cpe:LogicalTestType" minOccurs="1" maxOccurs="1"/> | ||
| </xsd:sequence> | ||
| <xsd:attribute name="id" type="xsd:anyURI" use="required"/> | ||
| </xsd:complexType> | ||
| <xsd:complexType name="LogicalTestType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">The logical-test element appears as a child of a platform element, and may also be nested to create more complex logical tests. The content consists of one or more elements: fact-ref, and logical-test children are permitted. The operator to be applied, and optional negation of the test, are given as attributes.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:sequence> | ||
| <xsd:element name="logical-test" type="cpe:LogicalTestType" minOccurs="0" maxOccurs="unbounded"/> | ||
| <xsd:element name="fact-ref" type="cpe:FactRefType" minOccurs="0" maxOccurs="unbounded"/> | ||
| </xsd:sequence> | ||
| <xsd:attribute name="operator" type="cpe:operatorEnumeration" use="required"/> | ||
| <xsd:attribute name="negate" type="xsd:boolean" use="required"/> | ||
| </xsd:complexType> | ||
| <xsd:complexType name="FactRefType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">The fact-ref element appears as a child of a logical-test element. It is simply a reference to a CPE Name that always evaluates to a Boolean result.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:attribute name="name" type="cpe:namePattern" use="required"/> | ||
| </xsd:complexType> | ||
| <!-- =============================================================================== --> | ||
| <!-- =============================== ENUMERATIONS ================================ --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:simpleType name="operatorEnumeration"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">The OperatorEnumeration simple type defines acceptable operators. Each operator defines how to evaluate multiple arguments.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:restriction base="xsd:string"> | ||
| <xsd:enumeration value="AND"/> | ||
| <xsd:enumeration value="OR"/> | ||
| </xsd:restriction> | ||
| </xsd:simpleType> | ||
| <!-- =============================================================================== --> | ||
| <!-- ============================== SUPPORTING TYPES ============================== --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:complexType name="TextType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">This type allows the xml:lang attribute to associate a specific language with an element's string content.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:simpleContent> | ||
| <xsd:extension base="xsd:string"> | ||
| <xsd:attribute ref="xml:lang"/> | ||
| </xsd:extension> | ||
| </xsd:simpleContent> | ||
| </xsd:complexType> | ||
| <!-- =============================================================================== --> | ||
| <!-- ================================ ID PATTERNS ================================ --> | ||
| <!-- =============================================================================== --> | ||
| <xsd:simpleType name="namePattern"> | ||
| <xsd:annotation> | ||
| <xsd:documentation xml:lang="en">Define the format for acceptable CPE Names. A URN format is used with the id starting with the word cpe followed by :/ and then some number of individual components separated by colons.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:restriction base="xsd:anyURI"> | ||
| <xsd:pattern value="[c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9\._\-~%]*){0,6}"/> | ||
| </xsd:restriction> | ||
| </xsd:simpleType> | ||
| </xsd:schema> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!-- | ||
| == Model: Version 0-3 NetD | ||
| == Package: cve | ||
| --> | ||
| <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" | ||
| xmlns="http://scap.nist.gov/schema/cve/0.1" | ||
| xmlns:scap_core="http://scap.nist.gov/schema/scap-core/0.1" | ||
| targetNamespace="http://scap.nist.gov/schema/cve/0.1" | ||
| elementFormDefault="qualified" attributeFormDefault="unqualified" | ||
| version="0.1"> | ||
| <xsd:import namespace="http://scap.nist.gov/schema/scap-core/0.1" schemaLocation="scap-core_0.1.xsd"/> | ||
| <!-- ================================================== --> | ||
| <!-- ===== Simple Type Definitions --> | ||
| <!-- ================================================== --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <!-- CVE_Name_Type <<simpleType>> --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <xsd:simpleType name="cveNamePatternType"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Format for CVE Names is CVE-YYYY-NNNN, where YYYY is the year of publication and NNNN is a sequence number.</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:restriction base="xsd:token"> | ||
| <xsd:pattern value="CVE-([1,2])\d{3}-\d{4}"/> | ||
| </xsd:restriction> | ||
| </xsd:simpleType> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <!-- CVE_Status <<simpleType>> --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <xsd:simpleType name="cveStatus"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Enumeration containing valid values for CVE status: Candidate, Entry, and Deprecated</xsd:documentation> | ||
| </xsd:annotation> | ||
| <xsd:restriction base="xsd:token"> | ||
| <xsd:enumeration value="CANDIDATE"/> | ||
| <xsd:enumeration value="ENTRY"/> | ||
| <xsd:enumeration value="DEPRECATED"/> | ||
| </xsd:restriction> | ||
| </xsd:simpleType> | ||
| <!-- ================================================== --> | ||
| <!-- ===== Complex Type Definitions --> | ||
| <!-- ================================================== --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <!-- CVE --> | ||
| <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> | ||
| <xsd:complexType name="cveType"> | ||
| <xsd:sequence> | ||
| <xsd:element name="status" type="cveStatus" minOccurs="0"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Status of Vulnerability -- Candidate, Entry, Deprecated</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| <xsd:element name="description" type="xsd:string" minOccurs="0"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Free text field to describe the vulnerability</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| <xsd:element name="references" type="scap_core:referenceType" maxOccurs="unbounded" minOccurs="0"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>Discretionary information and links relevant to a given vulnerability referenced by the CVE</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:element> | ||
| </xsd:sequence> | ||
| <xsd:attribute name="id" type="cveNamePatternType" use="required"> | ||
| <xsd:annotation> | ||
| <xsd:documentation>CVE name in the CVE-YYYY-NNNN format</xsd:documentation> | ||
| </xsd:annotation> | ||
| </xsd:attribute> | ||
| </xsd:complexType> | ||
| </xsd:schema> |
Oops, something went wrong.