changeset 901:8f674c48b879

Security advisories: advisory link and several patches per advisory.
author Ruslan Ermilov <ru@nginx.com>
date Wed, 08 May 2013 18:22:23 +0400
parents da102c9c7e36
children f9c687ab1fd2
files dtd/content.dtd xml/en/security_advisories.xml xsls/security.xsls
diffstat 3 files changed, 42 insertions(+), 17 deletions(-) [+]
--- a/dtd/content.dtd	Wed May 08 07:11:47 2013 +0000
+++ b/dtd/content.dtd	Wed May 08 18:22:23 2013 +0400
@@ -106,7 +106,7 @@
 
 <!ELEMENT  security     (item+) >
 
-<!ELEMENT  item         EMPTY >
+<!ELEMENT  item         (patch)* >
 <!ATTLIST  item
            name         CDATA #IMPLIED
            severity     CDATA #IMPLIED
@@ -117,6 +117,13 @@
            core         CDATA #IMPLIED
            href         CDATA #IMPLIED
            cert         CDATA #IMPLIED
+           advisory     CDATA #IMPLIED
+>
+
+<!ELEMENT  patch        EMPTY >
+<!ATTLIST  patch
+           name         CDATA #REQUIRED
+           versions     CDATA #IMPLIED
 >
 
 <!ENTITY   nbsp         "&#160;">
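Review bot: The old `patch` attribute on `item` does not appear to be retired together with its use. Across both hunks of this file the only deleted line is `<!ELEMENT  item         EMPTY >`, so whichever declaration allowed `patch="…"` on `item` (in the part of the ATTLIST between the two hunks, not visible here) presumably remains. A leftover or newly added `patch=` attribute would then still validate, while the stylesheet hunks in this commit replace every visible read of `@patch`, so an advisory could silently lose its patch and signature links. Dropping that declaration from the `item` ATTLIST would let validation catch the stale form. A short comment above the new element, such as `<!-- patch/@name: file name under /download/; @versions: releases the patch is for -->`, would also document the two attributes.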
--- a/xml/en/security_advisories.xml	Wed May 08 07:11:47 2013 +0000
+++ b/xml/en/security_advisories.xml	Wed May 08 18:22:23 2013 +0400
@@ -26,10 +26,12 @@
 
 <item name="Stack-based buffer overflow with specially crafted request"
       severity="major"
+      advisory="http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html"
       cve="2013-2028"
       good="1.5.0+, 1.4.1+"
-      vulnerable="1.3.9-1.4.0"
-      patch="patch.2013.chunked.txt" />
+      vulnerable="1.3.9-1.4.0">
+<patch name="patch.2013.chunked.txt" />
+</item>
 
 <item name="Vulnerabilities with Windows directory aliases"
       severity="medium"
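Review bot: The `advisory` value added to the CVE-2013-2028 item is a hard-coded `http://` URL, whereas the patch and signature links built by the stylesheet are site-relative and follow whatever scheme the page is served over. If the list archive is also reachable over HTTPS (not verifiable from this page), prefer the `https://` form so the advisory text readers are sent to cannot be altered in transit.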
@@ -41,15 +43,17 @@
       severity="major"
       cve="2012-2089"
       good="1.1.19+, 1.0.15+"
-      vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14"
-      patch="patch.2012.mp4.txt" />
+      vulnerable="1.1.3-1.1.18, 1.0.7-1.0.14">
+<patch name="patch.2012.mp4.txt" />
+</item>
 
 <item name="Memory disclosure with specially crafted backend responses"
       severity="major"
       cve="2012-1180"
       good="1.1.17+, 1.0.14+"
-      vulnerable="0.1.0-1.1.16"
-      patch="patch.2012.memory.txt" />
+      vulnerable="0.1.0-1.1.16">
+<patch name="patch.2012.memory.txt" />
+</item>
 
 <item name="Buffer overflow in resolver"
       severity="medium"
@@ -87,8 +91,9 @@
       cert="120541"
       cve="2009-3555"
       good="0.8.23+, 0.7.64+"
-      vulnerable="0.1.0-0.8.22"
-      patch="patch.cve-2009-3555.txt" />
+      vulnerable="0.1.0-0.8.22">
+<patch name="patch.cve-2009-3555.txt" />
+</item>
 
 <item name="Directory traversal vulnerability"
       severity="minor"
@@ -101,15 +106,17 @@
       cert="180065"
       cve="2009-2629"
       good="0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+"
-      vulnerable="0.1.0-0.8.14"
-      patch="patch.180065.txt" />
+      vulnerable="0.1.0-0.8.14">
+<patch name="patch.180065.txt" />
+</item>
 
 <item name="Null pointer dereference vulnerability"
       severity="major"
       cve="2009-3896"
       good="0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+"
-      vulnerable="0.1.0-0.8.13"
-      patch="patch.null.pointer.txt" />
+      vulnerable="0.1.0-0.8.13">
+<patch name="patch.null.pointer.txt" />
+</item>
 
 </security>
 
--- a/xsls/security.xsls	Wed May 08 07:11:47 2013 +0000
+++ b/xsls/security.xsls	Wed May 08 18:22:23 2013 +0400
@@ -21,6 +21,11 @@
         X:text{Severity: } !{@severity}<br/>
     }
 
+    X:if "@advisory" {
+        <a href="{@advisory}"> X:text {Advisory} </a>
+        <br/>
+    }
+
     X:if "@cert" {
         <a>
         X:attribute "href" {
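Review bot: `@advisory` is declared as free-form `CDATA` in the DTD and is emitted verbatim as the link target in `<a href="{@advisory}">`, so nothing restricts it to a web URL. Likewise nothing restricts `@name` to a bare file name in the two `/download/` links of the later hunks. The content is maintained in the repository, so review of the XML is the real control, but a narrower test would keep a mistyped or non-HTTP value from becoming a live link: `X:if "starts-with(@advisory, 'http://') or starts-with(@advisory, 'https://')" {`. The neighbouring links build `href` with `X:attribute "href" { … }`, so using that form here would keep the template consistent. The enclosing template starts and ends outside the hunk.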
@@ -54,12 +59,14 @@
     }
 
     X:text {Not vulnerable: } !{@good} <br/>
-    X:text {Vulnerable: } !{@vulnerable} <br/>
+    X:text {Vulnerable: } !{@vulnerable}
 
-    X:if "@patch" {
+    X:for-each "patch" {
+        <br/>
+
         <a>
         X:attribute "href" {
-            X:text {/download/} !{@patch}
+            X:text {/download/} !{@name}
         }
         X:text {The patch}
         </a>
@@ -68,10 +75,14 @@
 
         <a>
         X:attribute "href" {
-            X:text {/download/} !{@patch} X:text {.asc}
+            X:text {/download/} !{@name} X:text {.asc}
         }
         X:text {pgp}
         </a>
+
+        X:if "@versions" {
+            X:text {&#xA0;&#xA0;(for } !{@versions} X:text {)}
+        }
     }
 
     </p>
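Review bot: With several `patch` children per item, every link is rendered with the same text `The patch`, and only the optional `versions` suffix added here tells them apart. Because `versions` is `#IMPLIED`, an item with two patches and no `versions` would show indistinguishable links, and a reader could apply the patch meant for another release line. Consider documenting in the DTD that `versions` is expected whenever an item lists more than one patch, e.g. `<!-- versions: set on every patch when an item has more than one -->`. The `X:for-each` block opens in the previous hunk.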