-
Notifications
You must be signed in to change notification settings - Fork 0
/
esx-system-characteristics-schema.xsd
204 lines (204 loc) · 20.2 KB
/
esx-system-characteristics-schema.xsd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
<?xml version="1.0" encoding="utf-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:esx-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx" elementFormDefault="qualified" version="5.11">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5" schemaLocation="oval-common-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the VMware ESX server specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>This schema was originally developed by Yuzheng Zhou and Todd Dolinsky at Hewlett-Packard. The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>VMware ESX server System Characteristics</schema>
<version>5.11 Draft 1</version>
<date>11/14/2012 8:00:00 AM</date>
<terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="esx-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#esx"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- =============================== PATCH ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="patch_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>Installation information about a specific patch in the VMware ESX server. This information can be retrieved by the "esxupdate query | grep ESX-xxxxxxx" command.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="patch_number" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the patch number which identifies the patch being checked in current VMware ESX server. Many of the security bulletins for VMWARE ESX Server contain non-numerical characters in the patch number, therefore this entity has a datatype of string.</xsd:documentation>
<xsd:appinfo>
<oval:deprecated_info>
<oval:version>5.6</oval:version>
<oval:reason>The deprecated patch_test has a bug where the patch name entity is defined as a string in the object yet is defined as an int in the state. Additional state entities have also been added to the new patch56_test.</oval:reason>
<oval:comment>This item has been deprecated and will be removed in version 6.0 of the language.</oval:comment>
</oval:deprecated_info>
<sch:pattern id="esx-sc_patchitempatch_number">
<sch:rule context="esx-sc:patch_item/esx-sc:patch_number">
<sch:report test="true()">DEPRECATED ELEMENT: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="patch_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The patch_name entity indetifies the name of the patch. For example: ESX-200603 or ESX350-200904401-BG. The value of this entity should correspond to the values returned under the "name" column of the "esxupdate query" command.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="knowledge_base_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The knowledge_base_id entity specifies the knowledge base article identifier number associated with a given patch from ESX versions 3.0.2 and earlier. It is comprised of the numerical string at the end of the patch name. For example, the patch ESX-200603 would have a knowledge base identifier of 200603. For patches from ESX version 3.0.3 and later, the patch name uses a different format and does not include the knowledge base id. This entity should be marked with a status of 'does not exist' in those cases.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="bundle_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The bundle_id entity specifies the unique ID for the patch. Note that for version 3.0.3 and version 3.5 this is comprised of the year and month the bundle was released and a 3-digit unique ID. It is in the format YYYYMM###. For example, the first patch released in January 2008 might have a BundleID of 200801001. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a bundle id.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="classification" type="esx-sc:EntityItemClassificationType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The classification entity specifies the type of patch. It can be one of: B - bug, U - update, S - security, or R - roll-up. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a classification.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="support_level" type="esx-sc:EntityItemSupportLevelType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The support_level entity specifies the support level of the patch. If can be one of: G - GA patch, H - hot patch, D - debugging patch, or C - custom patch. For patches from ESX version 3.0.2 and earlier, this entity should be marked with a status of 'does not exist' since patch name has a different format and doesn't include a support level.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="status" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the installtaion status of the specific patch.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================== VERSION ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="version_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>Information about the release and build version of VMware ESX server. This information can be retrieved by the "vmware -v" command or by checking the /proc/vmware/version file.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="release" type="oval-sc:EntityItemVersionType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the release of current VMware ESX server.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="build" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the build version of current VMware ESX server.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================== VI SDK MANAGED OBJECT ITEM ========================= -->
<!-- =============================================================================== -->
<xsd:element name="visdkmanagedobject_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The visdkmanagedobject_item is used to represent information about Managed Objects in the VMware Infrastructure.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="property" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The property entity holds a string that represents the object path and name of a particular setting for the Managed Entity. In the VMware Infrastructure SDK, property names are case-sensitive and thus case must be correct relative to the properties in the SDK. For example, a Virtual Machine might have ethernet0.connectionType of 'bridged'.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The value entity holds a string that represents a value that's associated with the specified setting for the Managed Entity. Some properties will return an array of values. In such cases consider each value individually and then make final evaluation based on the entity_check attribute.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:complexType name="EntityItemClassificationType">
<xsd:annotation>
<xsd:documentation>The EntityItemClassificationType complex type restricts a string value to a specific set of values that describe the classification of a given ESX Server patch. The empty string is also allowed to support empty elements associated with error conditions.</xsd:documentation>
</xsd:annotation>
<xsd:simpleContent>
<xsd:restriction base="oval-sc:EntityItemStringType">
<xsd:enumeration value="B">
<xsd:annotation>
<xsd:documentation>Bug patches fix minor flaws that affect product functionality or behavior. Bug patches are optional. Before they are applied, one should determine whether they are necessary for your environment.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="R">
<xsd:annotation>
<xsd:documentation>Roll‐up patches contain any number of bundles for ESX Server 3.0.3 or ESX Server 3.5 hosts. They can contain bug patches, update patches, and security patches. They do not contain upgrade bundles for minor releases or update bundles for maintenance releases.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="S">
<xsd:annotation>
<xsd:documentation>Security patches fix one or more potential security vulnerabilities in the product. They should be implemented immediately to prevent the vulnerabilities from being exploited.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="U">
<xsd:annotation>
<xsd:documentation>Update patches can contain new driver updates and small non‐intrusive enhancements. Before they are applied, one should determine whether they are necessary for your environment.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="">
<xsd:annotation>
<xsd:documentation>The empty string value is permitted here to allow for detailed error reporting.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
</xsd:restriction>
</xsd:simpleContent>
</xsd:complexType>
<xsd:complexType name="EntityItemSupportLevelType">
<xsd:annotation>
<xsd:documentation>The EntityItemSupportLevelType complex type restricts a string value to a specific set of values that describe the support level of a given ESX Server patch. The empty string is also allowed to support empty elements associated with error conditions.</xsd:documentation>
</xsd:annotation>
<xsd:simpleContent>
<xsd:restriction base="oval-sc:EntityItemStringType">
<xsd:enumeration value="C">
<xsd:annotation>
<xsd:documentation>Custom patches are special fixes provided to a customer. They are usually specific to customer's environment, and are most likely not required by customers not reporting the issue. Custom patches have been tested in the customer's environment.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="D">
<xsd:annotation>
<xsd:documentation>Debugging patches are released to all customers and are used by VMware to troubleshoot complex product issues. They can contain debug messages and code, and drivers. Debugging patches usually require VMware assistance to install.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="G">
<xsd:annotation>
<xsd:documentation>GA patches are released to all customers and have been thoroughly tested. They contain fixes for ESX Server 3 software issues.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="H">
<xsd:annotation>
<xsd:documentation>Hot patches are released to specific customers for solving critical problems specific to their environment. They contain fixes for security issues or problems that can potentially cause data loss or severe service disruptions. Hot patches should be implemented immediately.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="">
<xsd:annotation>
<xsd:documentation>The empty string value is permitted here to allow for detailed error reporting.</xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
</xsd:restriction>
</xsd:simpleContent>
</xsd:complexType>
</xsd:schema>