istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Introduce a shortcode to produce the disclosure detail table in security bulletins. (#5800)

This commit is contained in:
Martin Taillefer 2019-11-20 08:06:15 -08:00 committed by GitHub
parent d398b01587
commit e3c8077416
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 93 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.spelling
View File

@ -40,10 +40,12 @@
5ms 5ms
6ms 6ms
6s 6s
7.5
72.96ms 72.96ms
7Mb 7Mb
7ms 7ms
7s 7s
8.5
8ms 8ms
8x 8x
9ms 9ms
@ -143,6 +145,8 @@ CSRs
Ctrl Ctrl
Customizable Customizable
CVE CVE
CVE-2019-12243
CVE-2019-12995
CVE-2019-14993 CVE-2019-14993
CVE-2019-15226 CVE-2019-15226
CVE-2019-18817 CVE-2019-18817
@ -152,6 +156,8 @@ CVE-2019-9514
CVE-2019-9515 CVE-2019-9515
CVE-2019-9518 CVE-2019-9518
CVEs CVEs
cves
cvss
cyber cyber
Datadog Datadog
datapath datapath
@ -470,6 +476,7 @@ schemas
SDKs SDKs
sds sds
Secura Secura
security_bulletin
selinux selinux
serverless serverless
serviceaccount serviceaccount

10
content/en/news/security/istio-security-2019-001/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/cve-2019-12243 - /news/2019/cve-2019-12243
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-12243"
| CVE | [CVE 2019-12243](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12243) cvss="8.9"
| CVSS Impact Score | 8.9 [CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C) vector="CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:H/RL:O/RC:C"
| Affected Releases | 1.1 to 1.1.6 releases="1.1 to 1.1.6" >}}
## Context ## Context

10
content/en/news/security/istio-security-2019-002/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/cve-2019-12995 - /news/2019/cve-2019-12995
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-12995"
| CVE | [CVE 2019-12995](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12995) cvss="7.5"
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C) vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C"
| Affected Releases | 1.0 to 1.0.8<br>1.1 to 1.1.9<br>1.2 to 1.2.1 releases="1.0 to 1.0.8, 1.1 to 1.1.9, 1.2 to 1.2.1" >}}
## Context ## Context

10
content/en/news/security/istio-security-2019-003/index.md
View File

@ -11,11 +11,11 @@ aliases:
- /news/2019/istio-security-003-004 - /news/2019/istio-security-003-004
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-14993"
| CVE | [CVE-2019-14993](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14993) cvss="7.5"
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
| Affected Releases | 1.1 to 1.1.12<br>1.2 to 1.2.3 releases="1.1 to 1.1.12, 1.2 to 1.2.3" >}}
## Context ## Context

10
content/en/news/security/istio-security-2019-004/index.md
View File

@ -8,11 +8,11 @@ keywords: [CVE]
skip_seealso: true skip_seealso: true
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518"
| CVE | [CVE-2019-9512](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9512), [CVE-2019-9513](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513), [CVE-2019-9514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9514), [CVE-2019-9515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9515), [CVE-2019-9518](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9518) cvss="7.5"
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
| Affected Releases | 1.1 to 1.1.12<br>1.2 to 1.2.3 releases="1.1 to 1.1.12, 1.2 to 1.2.3" >}}
## Context ## Context

10
content/en/news/security/istio-security-2019-005/index.md
View File

@ -10,11 +10,11 @@ aliases:
- /news/2019/istio-security-2019-005 - /news/2019/istio-security-2019-005
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-15226"
| CVE | [CVE-2019-15226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15226) cvss="7.5"
| CVSS Impact Score | 7.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) vector="CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
| Affected Releases | 1.1 to 1.1.15<br>1.2 to 1.2.6<br>1.3 to 1.3.1 releases="1.1 to 1.1.15, 1.2 to 1.2.6, 1.3 to 1.3.1" >}}
## Context ## Context

10
content/en/news/security/istio-security-2019-006/index.md
View File

@ -10,11 +10,11 @@ aliases:
- /news/2019/istio-security-2019-006 - /news/2019/istio-security-2019-006
--- ---
| Information | &nbsp; {{< security_bulletin
|-------------------|-------- cves="CVE-2019-18817"
| CVE | [CVE-2019-18817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18817) cvss="7.5"
| CVSS Impact Score | 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C&version=3.1) vector="CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C"
| Affected Releases | 1.3 to 1.3.4 releases="1.3 to 1.3.4" >}}
## Context ## Context

12
i18n/en.toml
View File

@ -246,3 +246,15 @@ other = "Date"
[mark_all_as_read] [mark_all_as_read]
other = "Mark all as read" other = "Mark all as read"
[security_bulletin_title]
other = "Disclosure Details"
[security_bulletin_cves]
other = "CVE(s)"
[security_bulletin_cvss]
other = "CVSS Impact Score"
[security_bulletin_affected_releases]
other = "Affected Releases"

44
layouts/shortcodes/security_bulletin.html Normal file
View File

@ -0,0 +1,44 @@
{{ $cves := .Get "cves" }}
{{ $cvss := .Get "cvss" }}
{{ $vector := .Get "vector" }}
{{ $releases := .Get "releases" }}
<table>
<thead>
<tr>
<th colspan="2">{{ i18n "security_bulletin_title" }}</th>
</tr>
</thead>
<tbody>
<tr>
<td>{{ i18n "security_bulletin_cves" }}</td>
<td>
{{ $split := split $cves "," }}
{{ if eq (len $split) 1 }}
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ $cves }}">{{ $cves }}</a>
{{ else }}
{{ range $split }}
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ trim . " " }}">{{ trim . " " }}</a><br>
{{ end }}
{{ end }}
</td>
</tr>
<tr>
<td>{{ i18n "security_bulletin_cvss" }}</td>
<td>{{ $cvss }} <a href="https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector={{ $vector }}">{{ $vector }}</a></td>
</tr>
<tr>
<td>{{ i18n "security_bulletin_affected_releases" }}</td>
<td>
{{ $split = split $releases "," }}
{{ if eq (len $split) 1 }}
{{ $releases }}
{{ else }}
{{ range $split }}
{{ trim . " " }}<br>
{{ end }}
{{ end }}
</td>
</tr>
</tbody>
</table>

6
out.txt
View File

@ -1,6 +0,0 @@
Building with the build container: gcr.io/istio-testing/build-tools:2019-10-24T14-05-17.
Using docker credential directory /Users/mtail/.docker.
Using gcr credential directory /Users/mtail/.config/gcloud.
^CMakefile.core.mk:12: recipe for target 'gen' failed
make: *** [gen] Interrupt
make: *** wait: No child processes. Stop.