istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Introduce a shortcode to produce the disclosure detail table in security bulletins. (#5800)

This commit is contained in:
Martin Taillefer 2019-11-20 08:06:15 -08:00 committed by GitHub
parent d398b01587
commit e3c8077416
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 93 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.spelling
View File

@ -40,10 +40,12 @@
5ms
6ms
6s
7.5
72.96ms
7Mb
7ms
7s
8.5
8ms
8x
9ms
@ -143,6 +145,8 @@ CSRs
Ctrl
Customizable
CVE
CVE-2019-12243
CVE-2019-12995
CVE-2019-14993
CVE-2019-15226
CVE-2019-18817
@ -152,6 +156,8 @@ CVE-2019-9514
CVE-2019-9515
CVE-2019-9518
CVEs
cves
cvss
cyber
Datadog
datapath
@ -470,6 +476,7 @@ schemas
SDKs
sds
Secura
security_bulletin
selinux
serverless
serviceaccount

10
content/en/news/security/istio-security-2019-001/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/cve-2019-12243
---
| Information |  
|-------------------|--------
| CVE | [CVE 2019-12243](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12243)
| CVSS Impact Score | 8.9 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C)
| Affected Releases | 1.1 to 1.1.6
{{< security_bulletin
cves="CVE-2019-12243"
cvss="8.9"
vector="CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
releases="1.1 to 1.1.6" >}}
## Context

10
content/en/news/security/istio-security-2019-002/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/cve-2019-12995
---
| Information | &nbsp;
|-------------------|--------
| CVE | [CVE 2019-12995](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12995)
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C)
| Affected Releases | 1.0 to 1.0.8<br>1.1 to 1.1.9<br>1.2 to 1.2.1
{{< security_bulletin
cves="CVE-2019-12995"
cvss="7.5"
vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
releases="1.0 to 1.0.8, 1.1 to 1.1.9, 1.2 to 1.2.1" >}}
## Context

10
content/en/news/security/istio-security-2019-003/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/istio-security-003-004
---
| Information | &nbsp;
|-------------------|--------
| CVE | [CVE-2019-14993](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14993)
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| Affected Releases | 1.1 to 1.1.12<br>1.2 to 1.2.3
{{< security_bulletin
cves="CVE-2019-14993"
cvss="7.5"
vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
releases="1.1 to 1.1.12, 1.2 to 1.2.3" >}}
## Context

10
content/en/news/security/istio-security-2019-004/index.md
View File

@ -8,11 +8,11 @@ keywords: [CVE]
skip_seealso: true
---
| Information | &nbsp;
|-------------------|--------
| CVE | [CVE-2019-9512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512), [CVE-2019-9513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513), [CVE-2019-9514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514), [CVE-2019-9515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515), [CVE-2019-9518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518)
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| Affected Releases | 1.1 to 1.1.12<br>1.2 to 1.2.3
{{< security_bulletin
cves="CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518"
cvss="7.5"
vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
releases="1.1 to 1.1.12, 1.2 to 1.2.3" >}}
## Context

10
content/en/news/security/istio-security-2019-005/index.md
View File

@ -10,11 +10,11 @@ aliases:
- /news/2019/istio-security-2019-005
---
| Information | &nbsp;
|-------------------|--------
| CVE | [CVE-2019-15226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15226)
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
| Affected Releases | 1.1 to 1.1.15<br>1.2 to 1.2.6<br>1.3 to 1.3.1
{{< security_bulletin
cves="CVE-2019-15226"
cvss="7.5"
vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
releases="1.1 to 1.1.15, 1.2 to 1.2.6, 1.3 to 1.3.1" >}}
## Context

10
content/en/news/security/istio-security-2019-006/index.md
View File

@ -10,11 +10,11 @@ aliases:
- /news/2019/istio-security-2019-006
---
| Information | &nbsp;
|-------------------|--------
| CVE | [CVE-2019-18817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18817)
| CVSS Impact Score | 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C&version=3.1)
| Affected Releases | 1.3 to 1.3.4
{{< security_bulletin
cves="CVE-2019-18817"
cvss="7.5"
vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
releases="1.3 to 1.3.4" >}}
## Context

12
i18n/en.toml
View File

@ -246,3 +246,15 @@ other = "Date"
[mark_all_as_read]
other = "Mark all as read"
[security_bulletin_title]
other = "Disclosure Details"
[security_bulletin_cves]
other = "CVE(s)"
[security_bulletin_cvss]
other = "CVSS Impact Score"
[security_bulletin_affected_releases]
other = "Affected Releases"

44
layouts/shortcodes/security_bulletin.html Normal file
View File

@ -0,0 +1,44 @@
{{ $cves := .Get "cves" }}
{{ $cvss := .Get "cvss" }}
{{ $vector := .Get "vector" }}
{{ $releases := .Get "releases" }}
<table>
<thead>
<tr>
<th colspan="2">{{ i18n "security_bulletin_title" }}</th>
</tr>
</thead>
<tbody>
<tr>
<td>{{ i18n "security_bulletin_cves" }}</td>
<td>
{{ $split := split $cves "," }}
{{ if eq (len $split) 1 }}
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ $cves }}">{{ $cves }}</a>
{{ else }}
{{ range $split }}
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ trim . " " }}">{{ trim . " " }}</a><br>
{{ end }}
{{ end }}
</td>
</tr>
<tr>
<td>{{ i18n "security_bulletin_cvss" }}</td>
<td>{{ $cvss }} <a href="https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector={{ $vector }}">{{ $vector }}</a></td>
</tr>
<tr>
<td>{{ i18n "security_bulletin_affected_releases" }}</td>
<td>
{{ $split = split $releases "," }}
{{ if eq (len $split) 1 }}
{{ $releases }}
{{ else }}
{{ range $split }}
{{ trim . " " }}<br>
{{ end }}
{{ end }}
</td>
</tr>
</tbody>
</table>

6
out.txt
View File

@ -1,6 +0,0 @@
Building with the build container: gcr.io/istio-testing/build-tools:2019-10-24T14-05-17.
Using docker credential directory /Users/mtail/.docker.
Using gcr credential directory /Users/mtail/.config/gcloud.
^CMakefile.core.mk:12: recipe for target 'gen' failed
make: *** [gen] Interrupt
make: *** wait: No child processes. Stop.