Import nxml-gentoo-schemas files from version 20070110.

1 files changed, 297 insertions, 0 deletions

diff --git a/glsa.rnc b/glsa.rnc
new file mode 100644
index 0000000..e69a360
--- /dev/null
+++ b/glsa.rnc
@@ -0,0 +1,297 @@
+# $Header: /var/cvsroot/gentoo-x86/app-emacs/nxml-gentoo-schemas/files/glsa.rnc,v 1.1 2007/07/25 09:45:50 opfer Exp $
+
+glsa =
+  element glsa {
+    attlist.glsa,
+    title,
+    synopsis,
+    product,
+    announced,
+    revised,
+    bug*,
+    access?,
+    affected,
+    background?,
+    description,
+    impact,
+    workaround,
+    resolution,
+    references,
+    license?,
+    metadata*
+  }
+attlist.glsa &= attribute id { text }
+# Element:      title
+# Description:  Provides a 4-5 word description about the advisory 
+# Example:      <title>Buffer overflow vulnerability found in openssl-0.9.5</title> 
+title = element title { attlist.title, text }
+attlist.title &= empty
+# Element:      synopsis
+# Description:  Small, to-the-point description about the GLSA
+# 
+# Example:  <synopsis>
+#               rsync has an exploitable buffer overflow that can lead to
+#               remote compromise
+#           </synopsis>
+synopsis = element synopsis { attlist.synopsis, text }
+attlist.synopsis &= empty
+# Element:      product
+# Description:  Defines what type of security announcement this is.
+# 
+#               Valid types are:
+#               - ebuild         A Portage-provided ebuild has a security 
+#                                issue
+#               - informational  This GLSA is purely informational, no Gentoo
+#                                system is affected
+#               - infrastructure The security issue involves the Gentoo 
+#                                infrastructure
+# 
+#               The text contains one keyword that defines the issue.
+# 
+# Example: <product type="ebuild">openssl</product>
+# Example: <product type="infrastructure">rsync mirror</product>
+product = element product { attlist.product, text }
+attlist.product &=
+  attribute type { "ebuild" | "infrastructure" | "informational" }
+# Element:      announced
+# Description:  Date when the advisory is publicised
+#               The format must be "YYYY-mm-dd"
+# 
+# Example: <announced>2003-11-20</announced>
+announced = element announced { attlist.announced, text }
+attlist.announced &= empty
+# Element:      revised
+# Description:  Last revision date of the GLSA
+# 
+# Example: <revised>2003-11-20</revised>
+revised = element revised { attlist.revised, text }
+attlist.revised &= empty
+# Element:      bug
+# Description:  Number of the bug on bugs.gentoo.org, if any
+# Occurrence:    The bug element can occur 0, 1 or more times
+# 
+# Example: <bug>34200</bug>
+bug = element bug { attlist.bug, text }
+attlist.bug &= empty
+# Element:      access
+# Description:  Type of access necessary to exploit the security issue
+#               This element should only be used when product@type = 'ebuild'
+# Occurrence:    The access element can occur 0 or 1 time
+# 
+# Example: <access>Remote</access>
+access = element access { attlist.access, text }
+attlist.access &= empty
+# Element:      affected
+# Description:  Describe what the affected subjects are.
+# 
+#               If product@type = 'build', the child elements are 'package'
+#               If product@type = 'portage', the child elements are 'package'
+#               If product@type = 'infrastructure', the child elements are 
+#               'service'
+#
+affected = element affected { attlist.affected, (package* | service*) }
+attlist.affected &= empty
+# Element:      package
+# Description:  Provide all necessary information regarded the affected 
+#               packages. It also contains information about the affected 
+#               architectures, if automatic updates can be done and the update
+# 
+#               The "update" attribute contains the path to the non-vulnerable
+#               version of the package
+# 
+#               The "auto" attribute contains either "yes" or "no" and tells 
+#               Portage that the package can be updated automatically (to be 
+#               implemented) without further user interaction
+# 
+#               The "arch" attribute contains either the architecture (as used
+#               by ACCEPT_KEYWORDS) or the "*" value (in case all 
+#               architectures are affected)
+# 
+# Occurrence:   The package element can occur 0, 1 or more times
+# Example:      <package name="dev-libs/openssl" auto="yes" arch="*">
+#                 <vulnerable range="lt">0.9.6k</vulnerable>
+#                 <unaffected range="gt">0.9.6k</unaffected>
+#               </package>
+package =
+  element package { attlist.package, (vulnerable | unaffected)* }
+attlist.package &=
+  attribute name { text },
+  attribute auto { "yes" | "no" },
+  attribute arch { text }
+# Element:      vulnerable
+# Description:  Version of the vulnerable package. Can be a range too
+vulnerable = element vulnerable { attlist.vulnerable, text }
+attlist.vulnerable &=
+  attribute range {
+    "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge"
+  }
+# Element:      unaffected
+# Description:  Version of the fixed (or unaffected) package. In case the 
+#               package is superseded by another package, you need to
+#               define that package using the "name" attribute.
+# 
+#               The r* range information is revision-specific. For instance, 
+#               rge foo-1.2.3-r4  ==  >=foo-1.2.3-r4 && <foo-1.2.4
+# 
+# Example:
+#               <unaffected range="gt" name="foobar">2.0.0</unaffected>
+unaffected = element unaffected { attlist.unaffected, text }
+attlist.unaffected &=
+  attribute range {
+    "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge"
+  },
+  attribute name { text }?
+# Element:      service
+# Description:  Provide information about the Gentoo services that are
+#               affected by the security advisory. Portage must be able
+#               to parse this information to make decisions (for instance, 
+#               ignore an rsync server or a certain distfiles mirror).
+# 
+#               The type attribute can be one of "rsync", "web", "mirror".
+# 
+#               The fixed attribute (denoting if the problem has been solved)
+#               can be one of "yes" or "no". If not used, the default value is
+#               "no".
+# 
+# Occurrence:   The service element can occur 0, 1 or more times
+# Example: <service type="rsync">rsync://rsync.someserver.tld/gentoo-portage</service>
+service = element service { attlist.service, text }
+attlist.service &=
+  attribute type { "rsync" | "web" | "mirror" },
+  attribute fixed { "yes" | "no" }?
+# Element:      uri
+# Description:  Link to the organisation involved in releasing the advisory
+# Occurrence:   The uri element can occur 0, 1 or more times
+# 
+# Example:      <uri link="http://www.cert.org">CERT</uri>
+uri = element uri { attlist.uri, text }
+attlist.uri &= attribute link { text }?
+# Element:      mail
+# Description:  Mail address of the people involved in releasing the advisory
+# Occurrence:   The mail element can occur 0, 1 or more times
+# 
+# Example:      <mail link="some@person.com">Some Person</mail>
+mail = element mail { attlist.mail, text }
+attlist.mail &= attribute link { text }
+# Element:      p
+# Description:  Plain text
+# Occurrence:   The "p" element can occur 0, 1 or more times and can contain
+#               links or addresses
+# 
+# Example:      <p>Please update your system</p>
+p = element p { attlist.p, (text | uri | mail | b | u | i | br)* }
+attlist.p &= empty
+# Element:      code
+# Description:  The code element contains text that should preserve whitespace
+#               and is therefore useful for code listings or commands
+# 
+# Example:      <code>emerge sync</code>
+code = element code { attlist.code, text }
+attlist.code &= empty
+# Element:      background
+# Description:  Provides a background of the affected package(s)/service(s)
+#               The background element contains only "<p>"s in which the text 
+#               is placed
+#
+background = element background { attlist.background, (p | ul | ol)* }
+attlist.background &= empty
+# Element:      description
+# Description:  Provides a description about the security issue
+#               The description element contains only "<p>"s.
+description =
+  element description { attlist.description, (p | ul | ol)* }
+attlist.description &= empty
+# Element:      impact
+# Description:  Provides information about the impact that the security issue 
+#               can have
+# 
+#               The "impact" element contains only "<p>"s.
+# 
+#               The type element gives a short term, such as 
+#               "Denial of Service", "Buffer Overflow", ...
+#
+impact = element impact { attlist.impact, (p | ul | ol)* }
+attlist.impact &= attribute type { text }
+# Element:      workaround
+# Description:  Provides information about how the security issue can be 
+#               (temporarily) resolved through a work-around
+# 
+#               The "workaround" element contains only "<p>"s and "<code>"s.
+workaround =
+  element workaround { attlist.workaround, (p | code | ul | ol)* }
+attlist.workaround &= empty
+# Element:      resolution
+# Description:  Provides information about how the security issue can be 
+#               resolved.
+# 
+#               The "resolution" element contains only "<p>"s and "<code>"s.
+resolution =
+  element resolution { attlist.resolution, (p | code | ul | ol)* }
+attlist.resolution &= empty
+# Element:      references
+# Description:  Provides links to resources / references available online.
+# 
+#               The "reference" element contains only "<uri>"s.
+references = element references { attlist.references, uri* }
+attlist.references &= empty
+# Element:      ul
+# Description:  Add an unnumbered listing; can only contain <li>'s
+ul = element ul { attlist.ul, li* }
+attlist.ul &= empty
+# Element:      ol
+# Description:  Add a numbered listing; can only contain <li>'s
+ol = element ol { attlist.ol, li* }
+attlist.ol &= empty
+# Element:      li
+# Description:  Element of a listing 
+# 
+# Example:    <ul>
+#               <li>This is element one</li>
+#               <li>This is a second element</li>
+#             </ul>
+li = element li { attlist.li, text }
+attlist.li &= empty
+# Element:      b
+# Description:  Bold text
+# 
+# Example:    <b>this is bold</b>
+b = element b { attlist.b, text }
+attlist.b &= empty
+# Element:      u
+# Description:  Underlined text
+# 
+# Example:      <u>this is underlined</u>
+u = element u { attlist.u, text }
+attlist.u &= empty
+# Element:      i
+# Description:  Input text (blue)
+# 
+# Example:      The user has to type in <i>ls</i> to see.
+i = element i { attlist.i, text }
+attlist.i &= empty
+# Element:      br
+# Description:  hard line break
+# 
+# Example:      And then: <br/> 
+#               KABLAM!
+br = element br { attlist.br, text }
+attlist.br &= empty
+# Element:      license
+# Description:  Add license information
+# 
+# Example:      <license/>
+license = element license { attlist.license, text }
+attlist.license &= empty
+# Element:      metadata
+# Description:  Metadata information for GLSAMaker
+# 
+# Example:      <metadata tag="approved">Level 1</metadata>
+# 
+# On request of plasmaroo, metadata can contain all elements again. 
+metadata = element metadata { attlist.metadata, (text | metadata)* }
+attlist.metadata &=
+  attribute tag { text },
+  attribute revision { text }?,
+  attribute author { text }?,
+  attribute timestamp { text }?
+start = glsa