what happens if a vuln is loaded in error?
Jacques A. Vidrine
nectar at FreeBSD.org
Mon Jan 24 07:58:34 PST 2005
On Mon, Jan 24, 2005 at 10:47:28AM -0500, Dan Langille wrote:
> On 23 Jan 2005 at 9:58, Dan Langille wrote:
> > I'm looking over the design of how FreshPorts handles VuXML
> > changes. A thought comes to mind. If a vuln turns out to be
> > false (i.e not a vulnerability at all, for whatever reason), what
> > changes would be made to the VuXML data? How would this situation
> > be fixed?
> This commit answers my question:
Yep, I made that one just for you (^_^). But seriously, let me draw
your attention to the following comments in the VuXML document model
| A given `vuln' element may represent either an active issue
| or a cancelled issue. Active `vuln's contain the full set
| of sub-elements (topic, affects, and so on). Cancelled `vuln's
| may contain only a single `cancelled' element.
| A `vuln' should be cancelled only when it was issued in error.
| If a `vuln' is issued in error, it may be cancelled by replacing its
| content with a single `cancelled' element. The optional `superseded'
| attribute with a VuXML ID value may be used to indicate that another
| `vuln' entry replaced this one.
| <vuln vid="f1d20b27-835f-11d8-a41f-0020ed76ef5a">
| <cancelled superseded="1ed556e6-734f-11d8-868e-000347dd607f" />
Jacques A Vidrine / NTT/Verio
nectar at celabo.org / jvidrine at verio.net / nectar at FreeBSD.org
More information about the freebsd-vuxml