-
Given robust product identification is an important factor for consumers of Security Advisories (SAs) this proposal shall offer other optional properties to the Full Product Name type (`full_product_n…
-
This was an issue highlighted by dstrohl at:
https://github.com/oasis-open/csaf-documentation/issues/7
In the models section, always include the regular expression where matching is required.
…
-
In GitLab by @podhrmic on Aug 13, 2020, 14:41
aka *Controls Regression Tests*, *Baseline controller test*, *Control System Fuzzer*
# Assumptions
I am assuming that the user of our tool will use vari…
-
During the review of #274 it was suggested to tie the signature to the namespace. Now we have 4 options:
### 1. Allow only (any) URLs in the namespace
This reflects the current implementation of…
-
In GitLab by @podhrmic on Sep 18, 2020, 16:37
It is non-trivial to run the notebooks in the CI.
The current nbconvert->PDF approach works OK, but has limits when extensive data visualization is invol…
-
This issue tracks the progress to update Secvisogram to the current version of the CSAF schema [f581451](https://github.com/oasis-tcs/csaf/blob/f5814516be5e0b1090542259c08008767d6b3994/csaf_2.0/json_s…
-
During the review of #205 there were some comments regarding the definitions and explanations use in the `involvements` property:
---
@tolim stated in https://github.com/oasis-tcs/csaf/pull/205#…
-
Reported by Art Manion:
From a thread about CSAF in a different forum, the announcements links on this page are broken/gone:
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=csaf#…
-
This issue is meant to provide more details to the **Vulnerability Symptoms** proposed in #185 by @wrideout.
---
## Vulnerability Symptoms
Currently any symptoms which accompany or otherwise in…
-
Input from Thomas:
Please add a link to the current prose (right next to the CSAF 2.0 Draft Schema) of CSAF 2.0.