search

csaf-tools / CVRF-CSAF-Converter

A CVRF CSAF Converter, taking care about OASIS specification.
https://www.telekom.com/security
MIT License
10 stars 4 forks source link

Implement the Aggregate Severity section #39

Closed cgi1 closed 2 years ago

cgi1 commented 2 years ago

EPIC: #10

CVRF 1.2

[Oasis v1.2 -> Aggregate Severity]http://docs.oasis-open.org/csaf/csaf-cvrf/v1.2/cs01/csaf-cvrf-v1.2-cs01.html#_Toc493508891)

Oasis implementation view CSAF v2

Field Definiition 4.8 Aggregate Severity

Simple mapping

grafik
cgi1 commented 2 years ago

We dont have and CVRF 1.2 example by hand right now for Aggregate Severity.

There is an CVRF 1.1: redhat_cvrf_2018.xml.

However, parser is written for CVRF 1.1 as part of this PoC:

2022-01-23 22:30:40,738 - utils - CRITICAL - Input document not valid: Element '{http://www.icasi.org/CVRF/schema/cvrf/1.1}cvrfdoc': No matching global declaration available for the validation root. (<string>, line 0).
zpevma commented 2 years ago

can be closed after #48 is merged

sustefil commented 2 years ago

48 merged with Aggregate severity section, closing here