-
#### Description of problem:
Test rule is written in the way which requires configuration: items ordered, unfortunately remediation done by Ansible openshift-master/config.yml with the following li…
-
In the models section, always include the regular expression where matching is required.
(sometimes you had "must be less than x characters long", sometimes you listed some of the items (like with th…
-
CWE list changes over time (see https://cwe.mitre.org/data/archive.html). As we always check against the latest version this might result in invalid documents over time, e.g., if old CWEs get deprecat…
-
- [x] Full Access to Repository (Admin Rights)
- [x] Outcome of #7 => Agree on input set for acceptance test
- [x] Test files to be uploaded to the testing branch (@tschmidtb51 / @mfd2007)
- [x] Co…
-
The output of Get-MsrcCvrfDocument cmdlet is with key as CVE number. This is good from a security point of view that all CVE's are covered. However, for a WSUS Admin point of view, it would KBs that a…
-
# Old Men Talking
> In the predecessor of CSAF 2.0 (CVRF 1.2) "we" allowed the naive UTC hack to include date times without timezone or offset indicator to implicitly inhabit Zulu land.
> Unfortunat…
-
It would be nice to have a unique ID (GUID) given to each Product. If you look at the Update Details, the URL has the unique ID : https://www.catalog.update.microsoft.com/ScopedViewInline.aspx?update…
-
As @tschmidtb51 pointed out, the production [6.15.1.1](http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_Toc493508958) in CVRF v1.2 is contradicting the parent element desc…
-
Hi,
I'm using the security update rest api and I need the list of affected files, included in an update/remediation.
I've noticed that there is a field in the cvrf update under remediations cal…
-
We need to check what needs to be done to get conformance with the latest version of the standard which is at: https://docs.oasis-open.org/csaf/csaf/v2.0/csaf-v2.0.html