Request for vuln file formats

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Request for vuln file formats

Kurt Seifried
So I'm officially requesting on behalf of the DWF (and I guess the CVE automation group to) copies/examples of the XML formats, they can be blank templates or filled out ones (or ideally a copy of both). I can't comment/consider/see what your concerns are unless you show them to me. Intel has already helpfully shared their spreadsheet which they use to generate their data which as we all know was very helpful. 

--

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Request for vuln file formats

Mark J Cox
> So I'm officially requesting on behalf of the DWF (and I guess the CVE
> automation group to) copies/examples of the XML formats, they can be blank
> templates or filled out ones (or ideally a copy of both). I can't
> comment/consider/see what your concerns are unless you show them to me.
> Intel has already helpfully shared their spreadsheet which they use to
> generate their data which as we all know was very helpful.

This is the format Apache/OpenSSL currently use (which is used via
stylesheets to generate web pages):

http://httpd.apache.org/security/vulnerabilities-httpd.xml
https://www.openssl.org/news/vulnerabilities.xml

Mark