From 9380c10504f8770f58ff445932ae468ce89ef63f Mon Sep 17 00:00:00 2001 From: Diego 'Flameeyes' Pettenò Date: Wed, 21 Nov 2007 11:35:34 +0100 Subject: Import nxml-gentoo-schemas files from version 20070110. --- glsa.rnc | 297 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 297 insertions(+) create mode 100644 glsa.rnc (limited to 'glsa.rnc') diff --git a/glsa.rnc b/glsa.rnc new file mode 100644 index 0000000..e69a360 --- /dev/null +++ b/glsa.rnc @@ -0,0 +1,297 @@ +# $Header: /var/cvsroot/gentoo-x86/app-emacs/nxml-gentoo-schemas/files/glsa.rnc,v 1.1 2007/07/25 09:45:50 opfer Exp $ + +glsa = + element glsa { + attlist.glsa, + title, + synopsis, + product, + announced, + revised, + bug*, + access?, + affected, + background?, + description, + impact, + workaround, + resolution, + references, + license?, + metadata* + } +attlist.glsa &= attribute id { text } +# Element: title +# Description: Provides a 4-5 word description about the advisory +# Example: Buffer overflow vulnerability found in openssl-0.9.5 +title = element title { attlist.title, text } +attlist.title &= empty +# Element: synopsis +# Description: Small, to-the-point description about the GLSA +# +# Example: +# rsync has an exploitable buffer overflow that can lead to +# remote compromise +# +synopsis = element synopsis { attlist.synopsis, text } +attlist.synopsis &= empty +# Element: product +# Description: Defines what type of security announcement this is. +# +# Valid types are: +# - ebuild A Portage-provided ebuild has a security +# issue +# - informational This GLSA is purely informational, no Gentoo +# system is affected +# - infrastructure The security issue involves the Gentoo +# infrastructure +# +# The text contains one keyword that defines the issue. +# +# Example: openssl +# Example: rsync mirror +product = element product { attlist.product, text } +attlist.product &= + attribute type { "ebuild" | "infrastructure" | "informational" } +# Element: announced +# Description: Date when the advisory is publicised +# The format must be "YYYY-mm-dd" +# +# Example: 2003-11-20 +announced = element announced { attlist.announced, text } +attlist.announced &= empty +# Element: revised +# Description: Last revision date of the GLSA +# +# Example: 2003-11-20 +revised = element revised { attlist.revised, text } +attlist.revised &= empty +# Element: bug +# Description: Number of the bug on bugs.gentoo.org, if any +# Occurrence: The bug element can occur 0, 1 or more times +# +# Example: 34200 +bug = element bug { attlist.bug, text } +attlist.bug &= empty +# Element: access +# Description: Type of access necessary to exploit the security issue +# This element should only be used when product@type = 'ebuild' +# Occurrence: The access element can occur 0 or 1 time +# +# Example: Remote +access = element access { attlist.access, text } +attlist.access &= empty +# Element: affected +# Description: Describe what the affected subjects are. +# +# If product@type = 'build', the child elements are 'package' +# If product@type = 'portage', the child elements are 'package' +# If product@type = 'infrastructure', the child elements are +# 'service' +# +affected = element affected { attlist.affected, (package* | service*) } +attlist.affected &= empty +# Element: package +# Description: Provide all necessary information regarded the affected +# packages. It also contains information about the affected +# architectures, if automatic updates can be done and the update +# +# The "update" attribute contains the path to the non-vulnerable +# version of the package +# +# The "auto" attribute contains either "yes" or "no" and tells +# Portage that the package can be updated automatically (to be +# implemented) without further user interaction +# +# The "arch" attribute contains either the architecture (as used +# by ACCEPT_KEYWORDS) or the "*" value (in case all +# architectures are affected) +# +# Occurrence: The package element can occur 0, 1 or more times +# Example: +# 0.9.6k +# 0.9.6k +# +package = + element package { attlist.package, (vulnerable | unaffected)* } +attlist.package &= + attribute name { text }, + attribute auto { "yes" | "no" }, + attribute arch { text } +# Element: vulnerable +# Description: Version of the vulnerable package. Can be a range too +vulnerable = element vulnerable { attlist.vulnerable, text } +attlist.vulnerable &= + attribute range { + "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge" + } +# Element: unaffected +# Description: Version of the fixed (or unaffected) package. In case the +# package is superseded by another package, you need to +# define that package using the "name" attribute. +# +# The r* range information is revision-specific. For instance, +# rge foo-1.2.3-r4 == >=foo-1.2.3-r4 && 2.0.0 +unaffected = element unaffected { attlist.unaffected, text } +attlist.unaffected &= + attribute range { + "le" | "lt" | "eq" | "gt" | "ge" | "rlt" | "rle" | "rgt" | "rge" + }, + attribute name { text }? +# Element: service +# Description: Provide information about the Gentoo services that are +# affected by the security advisory. Portage must be able +# to parse this information to make decisions (for instance, +# ignore an rsync server or a certain distfiles mirror). +# +# The type attribute can be one of "rsync", "web", "mirror". +# +# The fixed attribute (denoting if the problem has been solved) +# can be one of "yes" or "no". If not used, the default value is +# "no". +# +# Occurrence: The service element can occur 0, 1 or more times +# Example: rsync://rsync.someserver.tld/gentoo-portage +service = element service { attlist.service, text } +attlist.service &= + attribute type { "rsync" | "web" | "mirror" }, + attribute fixed { "yes" | "no" }? +# Element: uri +# Description: Link to the organisation involved in releasing the advisory +# Occurrence: The uri element can occur 0, 1 or more times +# +# Example: CERT +uri = element uri { attlist.uri, text } +attlist.uri &= attribute link { text }? +# Element: mail +# Description: Mail address of the people involved in releasing the advisory +# Occurrence: The mail element can occur 0, 1 or more times +# +# Example: Some Person +mail = element mail { attlist.mail, text } +attlist.mail &= attribute link { text } +# Element: p +# Description: Plain text +# Occurrence: The "p" element can occur 0, 1 or more times and can contain +# links or addresses +# +# Example:

Please update your system

+p = element p { attlist.p, (text | uri | mail | b | u | i | br)* } +attlist.p &= empty +# Element: code +# Description: The code element contains text that should preserve whitespace +# and is therefore useful for code listings or commands +# +# Example: emerge sync +code = element code { attlist.code, text } +attlist.code &= empty +# Element: background +# Description: Provides a background of the affected package(s)/service(s) +# The background element contains only "

"s in which the text +# is placed +# +background = element background { attlist.background, (p | ul | ol)* } +attlist.background &= empty +# Element: description +# Description: Provides a description about the security issue +# The description element contains only "

"s. +description = + element description { attlist.description, (p | ul | ol)* } +attlist.description &= empty +# Element: impact +# Description: Provides information about the impact that the security issue +# can have +# +# The "impact" element contains only "

"s. +# +# The type element gives a short term, such as +# "Denial of Service", "Buffer Overflow", ... +# +impact = element impact { attlist.impact, (p | ul | ol)* } +attlist.impact &= attribute type { text } +# Element: workaround +# Description: Provides information about how the security issue can be +# (temporarily) resolved through a work-around +# +# The "workaround" element contains only "

"s and ""s. +workaround = + element workaround { attlist.workaround, (p | code | ul | ol)* } +attlist.workaround &= empty +# Element: resolution +# Description: Provides information about how the security issue can be +# resolved. +# +# The "resolution" element contains only "

"s and ""s. +resolution = + element resolution { attlist.resolution, (p | code | ul | ol)* } +attlist.resolution &= empty +# Element: references +# Description: Provides links to resources / references available online. +# +# The "reference" element contains only ""s. +references = element references { attlist.references, uri* } +attlist.references &= empty +# Element: ul +# Description: Add an unnumbered listing; can only contain

  • 's +ul = element ul { attlist.ul, li* } +attlist.ul &= empty +# Element: ol +# Description: Add a numbered listing; can only contain
  • 's +ol = element ol { attlist.ol, li* } +attlist.ol &= empty +# Element: li +# Description: Element of a listing +# +# Example:
      +#
    • This is element one
      • +#
    • This is a second element
      • +#
    +li = element li { attlist.li, text } +attlist.li &= empty +# Element: b +# Description: Bold text +# +# Example: this is bold +b = element b { attlist.b, text } +attlist.b &= empty +# Element: u +# Description: Underlined text +# +# Example: this is underlined +u = element u { attlist.u, text } +attlist.u &= empty +# Element: i +# Description: Input text (blue) +# +# Example: The user has to type in ls to see. +i = element i { attlist.i, text } +attlist.i &= empty +# Element: br +# Description: hard line break +# +# Example: And then:
    +# KABLAM! +br = element br { attlist.br, text } +attlist.br &= empty +# Element: license +# Description: Add license information +# +# Example: +license = element license { attlist.license, text } +attlist.license &= empty +# Element: metadata +# Description: Metadata information for GLSAMaker +# +# Example: Level 1 +# +# On request of plasmaroo, metadata can contain all elements again. +metadata = element metadata { attlist.metadata, (text | metadata)* } +attlist.metadata &= + attribute tag { text }, + attribute revision { text }?, + attribute author { text }?, + attribute timestamp { text }? +start = glsa -- cgit v1.2.3-65-gdbad