You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2023/01/17 16:14:19 UTC

svn commit: r1906738 - in /httpd/dev-tools/release: common-lib.sh r4-stage-release.sh

Author: covener
Date: Tue Jan 17 16:14:19 2023
New Revision: 1906738

URL: http://svn.apache.org/viewvc?rev=1906738&view=rev
Log:
CVE v5 JSON

Modified:
    httpd/dev-tools/release/common-lib.sh
    httpd/dev-tools/release/r4-stage-release.sh

Modified: httpd/dev-tools/release/common-lib.sh
URL: http://svn.apache.org/viewvc/httpd/dev-tools/release/common-lib.sh?rev=1906738&r1=1906737&r2=1906738&view=diff
==============================================================================
--- httpd/dev-tools/release/common-lib.sh (original)
+++ httpd/dev-tools/release/common-lib.sh Tue Jan 17 16:14:19 2023
@@ -381,16 +381,16 @@ indent_entry() {
 cve_changes() {
   CVE_JSON="$1"
   test -f "${CVE_JSON}" || fail "cve_changes: ${CVE_JSON} not found"
-  CVE_ID=`jq -r .CVE_data_meta.ID "${CVE_JSON}"`
-  CVE_TITLE=`jq -r .CVE_data_meta.TITLE "${CVE_JSON}"`
+  CVE_ID=`jq -r .cveMetadata.cveId "${CVE_JSON}"`
+  CVE_TITLE=`jq -r .containers.cna.title "${CVE_JSON}"`
   test -n "${CVE_ID}" -a "${CVE_ID}" != "null" || fail "CVE ID missing in ${CVE_JSON}"
-  CVE_DESCR=`jq -r '.description.description_data[].value' "${CVE_JSON}"`
+  CVE_DESCR=`jq -r '.containers.cna.descriptions[0].value' "${CVE_JSON}"`
   cat << EOF | fold -sw 65 | indent_entry
 SECURITY: ${CVE_ID}: ${CVE_TITLE} (cve.mitre.org)
 ${CVE_DESCR}
 
 EOF
-  CVE_CREDIT=`jq -r '.credit[].value' "${CVE_JSON}"`
+  CVE_CREDIT=`jq -r '.containers.cna.credits[0].value' "${CVE_JSON}"`
   if test -n "${CVE_CREDIT}" -a "${CVE_CREDIT}" != "null"; then
     cat << EOF | fold -sw 65 | indent_entry "     "
 Credits: ${CVE_CREDIT}
@@ -542,4 +542,4 @@ get_version_CVE_DIRS() {
   if test "${cves_ok}" != 1; then
     fail "Please correct the files mentioned."
   fi
-}
\ No newline at end of file
+}

Modified: httpd/dev-tools/release/r4-stage-release.sh
URL: http://svn.apache.org/viewvc/httpd/dev-tools/release/r4-stage-release.sh?rev=1906738&r1=1906737&r2=1906738&view=diff
==============================================================================
--- httpd/dev-tools/release/r4-stage-release.sh (original)
+++ httpd/dev-tools/release/r4-stage-release.sh Tue Jan 17 16:14:19 2023
@@ -157,7 +157,7 @@ if test -n "${CVE_DIRS}"; then
     for CVE in $CVE_DIRS; do
       CVE_JSON="${DIST_DIR}/pmc/SECURITY/${CVE}/CVE.json"
       test -f "$CVE_JSON" || fail "not found: ${CVE_JSON}"
-      CVE_ID=`jq -r .CVE_data_meta.ID "${CVE_JSON}"`
+      CVE_ID=`jq -r .cveMetadata.cveId "${CVE_JSON}"`
       test -n "${CVE_ID}" -a "${CVE_ID}" != "null" || fail "CVE ID missing in ${CVE_JSON}"
       echo "adding ${CVE_ID}"
       # add a timeline entry for the release and copy to website
@@ -202,4 +202,4 @@ echo "--------"
 echo "SVN changes staged in local checkout for ${SVN_URL}"
 svn stat
 
-save_version
\ No newline at end of file
+save_version