aboutsummaryrefslogtreecommitdiffstats
path: root/bin/nist/datasource_2019.json
AgeCommit message (Collapse)Author
2019-01-13srtool: fix core update implementationDavid Reyna
Fix the data source update mechanism: * Move the update functions to "bin/common/srtool_update.py" * Remove 'lastModifiedDate' from the data source JSON files (since every restart overwrites any updated values) * Change the 'update_time' field to a dictionary of offset values e.g. "{\"weekday\":\"6\",\"hour\":\"2\"}" = day of week, hour of day * Implement the update frequency calculations * Implement data source name filters for selected manual updates * Add a log status file [YOCTO #13131] Signed-off-by: David Reyna <David.Reyna@windriver.com>
2019-01-12srtool: improve CVE status assignments, add CVE 2019David Reyna
1. Add the CVE 2019 data soures for MITRE and NIST. 2. Improve the CVE default status assignment system: * During the "Init" phase all CVEs default to HISTORICAL, unless they are within the CVE_INIT_NEW_DELTA date range. The value CVE_INIT_NEW_DELTA is defined in "bin/common/datasource.json", and is an out-of-box courtesy to provide some CVEs for triage in newly initialized systems. Changing the default value to '0' disabled this. * During the "Update" phase, CVEs default to NEW (and thus primed for triage) * Better separate the Init versus Update functions in "srtool_mitre.py" and "srtool_nist.py", and their respective datasource files. * Remove the post-process "preset_new()" in "srtool_common.py" in favor of directly computing the values in get_cve_default_status() in "srtool_mitre.py" and "srtool_nist.py", for speed and consistency. [YOCTO #13134] [YOCTO #13135] Signed-off-by: David Reyna <David.Reyna@windriver.com>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-21 08:52:11 +0000