diff options
author | Diego 'Flameeyes' Pettenò <flameeyes@gmail.com> | 2007-11-21 11:35:34 +0100 |
---|---|---|
committer | Diego 'Flameeyes' Pettenò <flameeyes@gmail.com> | 2007-11-21 11:35:34 +0100 |
commit | 9380c10504f8770f58ff445932ae468ce89ef63f (patch) | |
tree | dfb5c2041afba5212a92c18bcfe0e7fd38052b69 /glsa.rnc | |
download | nxml-gentoo-schemas-9380c10504f8770f58ff445932ae468ce89ef63f.tar.gz nxml-gentoo-schemas-9380c10504f8770f58ff445932ae468ce89ef63f.tar.bz2 nxml-gentoo-schemas-9380c10504f8770f58ff445932ae468ce89ef63f.zip |
Import nxml-gentoo-schemas files from version 20070110.
Diffstat (limited to 'glsa.rnc')
-rw-r--r-- | glsa.rnc | 297 |
1 files changed, 297 insertions, 0 deletions
diff --git a/glsa.rnc b/glsa.rnc new file mode 100644 index 0000000..e69a360 --- /dev/null +++ b/glsa.rnc @@ -0,0 +1,297 @@ +# $Header: /var/cvsroot/gentoo-x86/app-emacs/nxml-gentoo-schemas/files/glsa.rnc,v 1.1 2007/07/25 09:45:50 opfer Exp $ + +glsa = + element glsa { + attlist.glsa, + title, + synopsis, + product, + announced, + revised, + bug*, + access?, + affected, + background?, + description, + impact, + workaround, + resolution, + references, + license?, + metadata* + } +attlist.glsa &= attribute id { text } +# Element: title +# Description: Provides a 4-5 word description about the advisory +# Example: <title>Buffer overflow vulnerability found in openssl-0.9.5</title> +title = element title { attlist.title, text } +attlist.title &= empty +# Element: synopsis +# Description: Small, to-the-point description about the GLSA +# +# Example: <synopsis> +# rsync has an exploitable buffer overflow that can lead to +# remote compromise +# </synopsis> +synopsis = element synopsis { attlist.synopsis, text } +attlist.synopsis &= empty +# Element: product +# Description: Defines what type of security announcement this is. +# +# Valid types are: +# - ebuild A Portage-provided ebuild has a security +# issue +# - informational This GLSA is purely informational, no Gentoo +# system is affected +# - infrastructure The security issue involves the Gentoo +# infrastructure +# +# The text contains one keyword that defines the issue. +# +# Example: <product type="ebuild">openssl</product> +# Example: <product type="infrastructure">rsync mirror</product> +product = element product { attlist.product, text } +attlist.product &= + attribute type { "ebuild" | "infrastructure" | "informational" } +# Element: announced +# Description: Date when the advisory is publicised +# The format must be "YYYY-mm-dd" +# +# Example: <announced>2003-11-20</announced> +announced = element announced { attlist.announced, text } +attlist.announced &= empty +# Element: revised +# Description: Last revision date of the GLSA +# +# Example: <revised>2003-11-20</revised> +revised = element revised { attlist.revised, text } +attlist.revised &= empty +# Element: bug +# Description: Number of the bug on bugs.gentoo.org, if any +# Occurrence: The bug element can occur 0, 1 or more times +# +# Example: <bug>34200</bug> +bug = element bug { attlist.bug, text } +attlist.bug &= empty +# Element: access +# Description: Type of access necessary to exploit the security issue +# This element should only be used when product@type = 'ebuild' +# Occurrence: The access element can occur 0 or 1 time +# +# Example: <access>Remote</access> +access = element access { attlist.access, text } +attlist.access &= empty +# Element: affected +# Description: Describe what the affected subjects are. +# +# If product@type = 'build', the child elements are 'package' +# If product@type = 'portage', the child elements are 'package' +# If product@type = 'infrastructure', the child elements are +# 'service' +# +affected = element affected { attlist.affected, (package* | service*) } +attlist.affected &= empty +# Element: package +# Description: Provide all necessary information regarded the affected +# packages. It also contains information about the affected +# architectures, if automatic updates can be done and the update +# +# The "update" attribute contains the path to the non-vulnerable +# version of the package +# +# The "auto" attribute contains either "yes" or "no" and tells +# Portage that the package can be updated automatically (to be +# implemented) without further user interaction +# +# The "arch" attribute contains either the architecture (as used +# by ACCEPT_KEYWORDS) or the "*" value (in case all +# architectures are affected) +# +# Occurrence: The package element can occur 0, 1 or more times +# Example: <package name="dev-libs/openssl" auto="yes" arch="*"> +# <vulnerable range="lt">0.9.6k</vulnerable> +# <unaffected range="gt">0.9.6k</unaffected> +# </package> +package = + element package { attlist.package, (vulnerable | unaffected)* } +attlist.package &= + attribute name { text }, + attribute auto { "yes" | "no" }, + attribute arch { text } +# Element: vulnerable +# Description: Version of the vulnerable package. Can be a range too +vulnerable = element vulnerable { attlist.vulnerable, text } +attlist.vulnerable &= + attribute range { + "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge" + } +# Element: unaffected +# Description: Version of the fixed (or unaffected) package. In case the +# package is superseded by another package, you need to +# define that package using the "name" attribute. +# +# The r* range information is revision-specific. For instance, +# rge foo-1.2.3-r4 == >=foo-1.2.3-r4 && <foo-1.2.4 +# +# Example: +# <unaffected range="gt" name="foobar">2.0.0</unaffected> +unaffected = element unaffected { attlist.unaffected, text } +attlist.unaffected &= + attribute range { + "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge" + }, + attribute name { text }? +# Element: service +# Description: Provide information about the Gentoo services that are +# affected by the security advisory. Portage must be able +# to parse this information to make decisions (for instance, +# ignore an rsync server or a certain distfiles mirror). +# +# The type attribute can be one of "rsync", "web", "mirror". +# +# The fixed attribute (denoting if the problem has been solved) +# can be one of "yes" or "no". If not used, the default value is +# "no". +# +# Occurrence: The service element can occur 0, 1 or more times +# Example: <service type="rsync">rsync://rsync.someserver.tld/gentoo-portage</service> +service = element service { attlist.service, text } +attlist.service &= + attribute type { "rsync" | "web" | "mirror" }, + attribute fixed { "yes" | "no" }? +# Element: uri +# Description: Link to the organisation involved in releasing the advisory +# Occurrence: The uri element can occur 0, 1 or more times +# +# Example: <uri link="http://www.cert.org">CERT</uri> +uri = element uri { attlist.uri, text } +attlist.uri &= attribute link { text }? +# Element: mail +# Description: Mail address of the people involved in releasing the advisory +# Occurrence: The mail element can occur 0, 1 or more times +# +# Example: <mail link="some@person.com">Some Person</mail> +mail = element mail { attlist.mail, text } +attlist.mail &= attribute link { text } +# Element: p +# Description: Plain text +# Occurrence: The "p" element can occur 0, 1 or more times and can contain +# links or addresses +# +# Example: <p>Please update your system</p> +p = element p { attlist.p, (text | uri | mail | b | u | i | br)* } +attlist.p &= empty +# Element: code +# Description: The code element contains text that should preserve whitespace +# and is therefore useful for code listings or commands +# +# Example: <code>emerge sync</code> +code = element code { attlist.code, text } +attlist.code &= empty +# Element: background +# Description: Provides a background of the affected package(s)/service(s) +# The background element contains only "<p>"s in which the text +# is placed +# +background = element background { attlist.background, (p | ul | ol)* } +attlist.background &= empty +# Element: description +# Description: Provides a description about the security issue +# The description element contains only "<p>"s. +description = + element description { attlist.description, (p | ul | ol)* } +attlist.description &= empty +# Element: impact +# Description: Provides information about the impact that the security issue +# can have +# +# The "impact" element contains only "<p>"s. +# +# The type element gives a short term, such as +# "Denial of Service", "Buffer Overflow", ... +# +impact = element impact { attlist.impact, (p | ul | ol)* } +attlist.impact &= attribute type { text } +# Element: workaround +# Description: Provides information about how the security issue can be +# (temporarily) resolved through a work-around +# +# The "workaround" element contains only "<p>"s and "<code>"s. +workaround = + element workaround { attlist.workaround, (p | code | ul | ol)* } +attlist.workaround &= empty +# Element: resolution +# Description: Provides information about how the security issue can be +# resolved. +# +# The "resolution" element contains only "<p>"s and "<code>"s. +resolution = + element resolution { attlist.resolution, (p | code | ul | ol)* } +attlist.resolution &= empty +# Element: references +# Description: Provides links to resources / references available online. +# +# The "reference" element contains only "<uri>"s. +references = element references { attlist.references, uri* } +attlist.references &= empty +# Element: ul +# Description: Add an unnumbered listing; can only contain <li>'s +ul = element ul { attlist.ul, li* } +attlist.ul &= empty +# Element: ol +# Description: Add a numbered listing; can only contain <li>'s +ol = element ol { attlist.ol, li* } +attlist.ol &= empty +# Element: li +# Description: Element of a listing +# +# Example: <ul> +# <li>This is element one</li> +# <li>This is a second element</li> +# </ul> +li = element li { attlist.li, text } +attlist.li &= empty +# Element: b +# Description: Bold text +# +# Example: <b>this is bold</b> +b = element b { attlist.b, text } +attlist.b &= empty +# Element: u +# Description: Underlined text +# +# Example: <u>this is underlined</u> +u = element u { attlist.u, text } +attlist.u &= empty +# Element: i +# Description: Input text (blue) +# +# Example: The user has to type in <i>ls</i> to see. +i = element i { attlist.i, text } +attlist.i &= empty +# Element: br +# Description: hard line break +# +# Example: And then: <br/> +# KABLAM! +br = element br { attlist.br, text } +attlist.br &= empty +# Element: license +# Description: Add license information +# +# Example: <license/> +license = element license { attlist.license, text } +attlist.license &= empty +# Element: metadata +# Description: Metadata information for GLSAMaker +# +# Example: <metadata tag="approved">Level 1</metadata> +# +# On request of plasmaroo, metadata can contain all elements again. +metadata = element metadata { attlist.metadata, (text | metadata)* } +attlist.metadata &= + attribute tag { text }, + attribute revision { text }?, + attribute author { text }?, + attribute timestamp { text }? +start = glsa |