You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2023/01/17 16:14:19 UTC
svn commit: r1906738 - in /httpd/dev-tools/release: common-lib.sh r4-stage-release.sh
Author: covener
Date: Tue Jan 17 16:14:19 2023
New Revision: 1906738
URL: http://svn.apache.org/viewvc?rev=1906738&view=rev
Log:
CVE v5 JSON
Modified:
httpd/dev-tools/release/common-lib.sh
httpd/dev-tools/release/r4-stage-release.sh
Modified: httpd/dev-tools/release/common-lib.sh
URL: http://svn.apache.org/viewvc/httpd/dev-tools/release/common-lib.sh?rev=1906738&r1=1906737&r2=1906738&view=diff
==============================================================================
--- httpd/dev-tools/release/common-lib.sh (original)
+++ httpd/dev-tools/release/common-lib.sh Tue Jan 17 16:14:19 2023
@@ -381,16 +381,16 @@ indent_entry() {
cve_changes() {
CVE_JSON="$1"
test -f "${CVE_JSON}" || fail "cve_changes: ${CVE_JSON} not found"
- CVE_ID=`jq -r .CVE_data_meta.ID "${CVE_JSON}"`
- CVE_TITLE=`jq -r .CVE_data_meta.TITLE "${CVE_JSON}"`
+ CVE_ID=`jq -r .cveMetadata.cveId "${CVE_JSON}"`
+ CVE_TITLE=`jq -r .containers.cna.title "${CVE_JSON}"`
test -n "${CVE_ID}" -a "${CVE_ID}" != "null" || fail "CVE ID missing in ${CVE_JSON}"
- CVE_DESCR=`jq -r '.description.description_data[].value' "${CVE_JSON}"`
+ CVE_DESCR=`jq -r '.containers.cna.descriptions[0].value' "${CVE_JSON}"`
cat << EOF | fold -sw 65 | indent_entry
SECURITY: ${CVE_ID}: ${CVE_TITLE} (cve.mitre.org)
${CVE_DESCR}
EOF
- CVE_CREDIT=`jq -r '.credit[].value' "${CVE_JSON}"`
+ CVE_CREDIT=`jq -r '.containers.cna.credits[0].value' "${CVE_JSON}"`
if test -n "${CVE_CREDIT}" -a "${CVE_CREDIT}" != "null"; then
cat << EOF | fold -sw 65 | indent_entry " "
Credits: ${CVE_CREDIT}
@@ -542,4 +542,4 @@ get_version_CVE_DIRS() {
if test "${cves_ok}" != 1; then
fail "Please correct the files mentioned."
fi
-}
\ No newline at end of file
+}
Modified: httpd/dev-tools/release/r4-stage-release.sh
URL: http://svn.apache.org/viewvc/httpd/dev-tools/release/r4-stage-release.sh?rev=1906738&r1=1906737&r2=1906738&view=diff
==============================================================================
--- httpd/dev-tools/release/r4-stage-release.sh (original)
+++ httpd/dev-tools/release/r4-stage-release.sh Tue Jan 17 16:14:19 2023
@@ -157,7 +157,7 @@ if test -n "${CVE_DIRS}"; then
for CVE in $CVE_DIRS; do
CVE_JSON="${DIST_DIR}/pmc/SECURITY/${CVE}/CVE.json"
test -f "$CVE_JSON" || fail "not found: ${CVE_JSON}"
- CVE_ID=`jq -r .CVE_data_meta.ID "${CVE_JSON}"`
+ CVE_ID=`jq -r .cveMetadata.cveId "${CVE_JSON}"`
test -n "${CVE_ID}" -a "${CVE_ID}" != "null" || fail "CVE ID missing in ${CVE_JSON}"
echo "adding ${CVE_ID}"
# add a timeline entry for the release and copy to website
@@ -202,4 +202,4 @@ echo "--------"
echo "SVN changes staged in local checkout for ${SVN_URL}"
svn stat
-save_version
\ No newline at end of file
+save_version