tools

History

VictorRodriguez 1821816ed0 CVE policy filter script Vulscan generates reports for all the CVEs discovered and valid on the STX iso. However, according to the STX CVE policy: https://wiki.openstack.org/wiki/StarlingX/Security/CVE_Support_Policy Only CVEs meeting the criteria which follows are accepted for fixing: Criticality >= 7 Base Vector as: AV = Network AC = Low Au = None or Single AI = Partial or Complete And a fix is available upstream The script filters the json file generated by vuls scan: https://vuls.io/docs/en/install-with-vulsctl.html Example of json file from Centos 7.7: https://pastebin.com/dNEHx6yd Change-Id: I2481f5fa39f92558d51c612a288a0c9ee08ebe6e Signed-off-by: VictorRodriguez <vm.rod25@gmail.com>	2019-10-27 10:03:27 -06:00
..
cve_policy_filter.py	CVE policy filter script	2019-10-27 10:03:27 -06:00
template.txt	CVE policy filter script	2019-10-27 10:03:27 -06:00

VictorRodriguez 1821816ed0 CVE policy filter script

Vulscan generates reports for all the CVEs discovered and valid on the STX iso.
However, according to the STX CVE policy:
https://wiki.openstack.org/wiki/StarlingX/Security/CVE_Support_Policy

Only CVEs meeting the criteria which follows are accepted for fixing:

Criticality >= 7
Base Vector as:

AV = Network
AC = Low
Au = None or Single
AI = Partial or Complete

And a fix is available upstream

The script filters the json file generated by vuls scan:
https://vuls.io/docs/en/install-with-vulsctl.html

Example of json file from Centos 7.7:
https://pastebin.com/dNEHx6yd

Change-Id: I2481f5fa39f92558d51c612a288a0c9ee08ebe6e
Signed-off-by: VictorRodriguez <vm.rod25@gmail.com>

2019-10-27 10:03:27 -06:00

cve_policy_filter.py

CVE policy filter script

2019-10-27 10:03:27 -06:00

template.txt

CVE policy filter script

2019-10-27 10:03:27 -06:00