CSAF 2.0 to CSAF 2.1

- update rest of prose to use v2.1 - update timestamps for consistency - fix incorrect filesname - adopt test data to reflect changes in prose
oasis-tcs · Jan 25, 2024 · df23a99 · df23a99
1 parent 5e000b9
commit df23a99
Show file tree

Hide file tree

Showing 22 changed files with 133 additions and 141 deletions.
diff --git a/csaf_2.1/prose/edit/src/introduction-04-informative-references.md b/csaf_2.1/prose/edit/src/introduction-04-informative-references.md
@@ -12,6 +12,9 @@ CPE23-M
 CPE23-N
 :    _Common Platform Enumeration: Naming Specification Version 2.3_, B. Cheikes, D. Waltermire, K. Scarfone, Editors, NIST Interagency Report 7695, August 2011, https://dx.doi.org/10.6028/NIST.IR.7695.
 
+CSAF-v2.0
+:    _Common Security Advisory Framework Version 2.0_. Edited by Langley Rock, Stefan Hagen, and Thomas Schmidt. 18 November 2022. OASIS Standard. https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html. Latest stage: https://docs.oasis-open.org/csaf/csaf/v2.0/csaf-v2.0.html.
+
 CVE
 :    _Common Vulnerability and Exposures (CVE) – The Standard for Information Security Vulnerability Names_, MITRE, 1999, https://cve.mitre.org/about/.
 

diff --git a/csaf_2.1/prose/edit/src/revision-history.md b/csaf_2.1/prose/edit/src/revision-history.md
@@ -10,10 +10,6 @@ toc:
 
 | Revision                 | Date       | Editor                          | Changes Made                                                                          |
 |:-------------------------|:-----------|:--------------------------------|:--------------------------------------------------------------------------------------|
-| csaf-v2.0-wd20210927-dev | 2021-09-27 | Stefan Hagen and Thomas Schmidt | Preparing next Editor revision for TC review and submittal as CS for public review    |
-| csaf-v2.0-wd20220329-dev | 2022-03-29 | Stefan Hagen and Thomas Schmidt | Preparing next Editor revision for TC review and submittal as CSD02 for public review |
-| csaf-v2.0-wd20220514-dev | 2022-05-14 | Stefan Hagen and Thomas Schmidt | Preparing next Editor revision for TC review and submittal as CS                      |
-| csaf-v2.0-wd20220715-dev | 2022-07-15 | Stefan Hagen and Thomas Schmidt | Preparing next Editor revision for TC review and submittal as CS                      |
-| csaf-v2.0-wd20220720-dev | 2022-07-20 | Stefan Hagen and Thomas Schmidt | Preparing next Editor revision for TC review and submittal as CS                      |
+| csaf-v2.0-wd20240124-dev | 2024-01-24 | Stefan Hagen and Thomas Schmidt | Preparing initial Editor Revision |
 
 -------
diff --git a/csaf_2.1/prose/edit/src/schema-elements-00.md b/csaf_2.1/prose/edit/src/schema-elements-00.md
@@ -2,7 +2,7 @@
 
 The CSAF schema describes how to represent security advisory information as a JSON document.
 
-The CSAF schema Version 2.0 builds on the JSON Schema draft 2020-12 rules.
+The CSAF schema Version 2.1 builds on the JSON Schema draft 2020-12 rules.
 
 ```
     "$schema": "https://json-schema.org/draft/2020-12/schema"
@@ -11,7 +11,7 @@ The CSAF schema Version 2.0 builds on the JSON Schema draft 2020-12 rules.
 The schema identifier is:
 
 ```
-    "$id": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json"
+    "$id": "https://docs.oasis-open.org/csaf/csaf/v2.1/csaf_json_schema.json"
 ```
 
 The further documentation of the schema is organized via Definitions and Properties.

diff --git a/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md b/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md
@@ -130,7 +130,7 @@ CSAF version (`csaf_version`) of value type `string` and `enum` gives the versio
 The single valid value for this `enum` is:
 
 ```
-    2.0
+    2.1
 ```
 
 #### Document Property - Distribution

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-14-sorted-revision-history.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-14-sorted-revision-history.md
@@ -13,12 +13,12 @@ The relevant path for this test is:
 ```
   "revision_history": [
     {
-      "date": "2021-07-22T10:00:00.000Z",
+      "date": "2024-01-22T10:00:00.000Z",
       "number": "2",
       "summary": "Second version."
     },
     {
-      "date": "2021-07-23T10:00:00.000Z",
+      "date": "2024-01-23T10:00:00.000Z",
       "number": "1",
       "summary": "Initial version."
     }

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-16-latest-document-version.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-16-latest-document-version.md
@@ -17,12 +17,12 @@ The relevant path for this test is:
     // ...
     "revision_history": [
       {
-        "date": "2021-07-21T09:00:00.000Z",
+        "date": "2024-01-21T09:00:00.000Z",
         "number": "1",
         "summary": "Initial version."
       },
       {
-        "date": "2021-07-21T10:00:00.000Z",
+        "date": "2024-01-21T10:00:00.000Z",
         "number": "2",
         "summary": "Second version."
       }

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-18-released-revision-history.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-18-released-revision-history.md
@@ -15,12 +15,12 @@ The relevant path for this test is:
       // ...
       "revision_history": [
         {
-          "date": "2021-05-17T10:00:00.000Z",
+          "date": "2023-09-17T10:00:00.000Z",
           "number": "0",
           "summary": "First draft"
         },
         {
-          "date": "2021-07-21T10:00:00.000Z",
+          "date": "2024-01-21T10:00:00.000Z",
           "number": "1",
           "summary": "Initial version."
         }

diff --git a/...edit/src/tests-01-mndtr-19-revision-history-entries-for-pre-release-versions.md b/...edit/src/tests-01-mndtr-19-revision-history-entries-for-pre-release-versions.md
@@ -13,12 +13,12 @@ The relevant path for this test is:
 ```
     "revision_history": [
       {
-        "date": "2021-04-22T10:00:00.000Z",
+        "date": "2023-08-22T10:00:00.000Z",
         "number": "1.0.0-rc",
         "summary": "Release Candidate for initial version."
       },
       {
-        "date": "2021-04-23T10:00:00.000Z",
+        "date": "2023-08-23T10:00:00.000Z",
         "number": "1.0.0",
         "summary": "Initial version."
       }

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-21-missing-item-in-revision-history.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-21-missing-item-in-revision-history.md
@@ -16,12 +16,12 @@ The relevant path for this test is:
 ```
     "revision_history": [
       {
-        "date": "2021-04-22T10:00:00.000Z",
+        "date": "2023-08-22T10:00:00.000Z",
         "number": "1",
         "summary": "Initial version."
       },
       {
-        "date": "2021-07-21T10:00:00.000Z",
+        "date": "2024-01-21T10:00:00.000Z",
         "number": "3",
         "summary": "Some other changes."
       }

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-24-multiple-definition-in-involvements.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-24-multiple-definition-in-involvements.md
@@ -15,12 +15,12 @@ The relevant path for this test is:
     {
       "involvements": [
         {
-          "date": "2021-04-23T10:00:00.000Z",
+          "date": "2023-08-23T10:00:00.000Z",
           "party": "vendor",
           "status": "completed"
         },
         {
-          "date": "2021-04-23T10:00:00.000Z",
+          "date": "2023-08-23T10:00:00.000Z",
           "party": "vendor",
           "status": "in_progress",
           "summary": "The vendor has released a mitigation and is working to fully resolve the issue."

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-27-profile-tests.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-27-profile-tests.md
@@ -62,7 +62,7 @@ The relevant path for this test is:
     {
       "category": "self",
       "summary": "The canonical URL.",
-      "url": "https://example.com/security/data/csaf/2021/OASIS_CSAF_TC-CSAF_2_0-2021-6-1-27-02-01.json"
+      "url": "https://example.com/security/data/csaf/2024/oasis_csaf_tc-csaf_2_1-2024-6-1-27-02-01.json"
     }
   ]
 ```

diff --git a/csaf_2.1/prose/edit/src/tests-01-mndtr-30-mixed-integer-and-semantic-versioning.md b/csaf_2.1/prose/edit/src/tests-01-mndtr-30-mixed-integer-and-semantic-versioning.md
@@ -17,12 +17,12 @@ The relevant paths for this test are:
       // ...
       "revision_history": [
         {
-          "date": "2021-07-21T09:00:00.000Z",
+          "date": "2024-01-21T09:00:00.000Z",
           "number": "1.0.0",
           "summary": "Initial version."
         },
         {
-          "date": "2021-07-21T10:00:00.000Z",
+          "date": "2024-01-21T10:00:00.000Z",
           "number": "2",
           "summary": "Second version."
         }

diff --git a/csaf_2.1/prose/edit/src/tests-02-optional.md b/csaf_2.1/prose/edit/src/tests-02-optional.md
@@ -128,7 +128,7 @@ The relevant path for this test is:
 ```
     "revision_history": [
       {
-        "date": "2021-04-23T10:00:00.000Z",
+        "date": "2023-08-23T10:00:00.000Z",
         "number": "1.0.0+exp.sha.ac00785",
         "summary": "Initial version."
       }
@@ -152,15 +152,15 @@ The relevant path for this test is:
 ```
     "tracking": {
       // ...
-      "initial_release_date": "2021-04-22T10:00:00.000Z",
+      "initial_release_date": "2023-08-22T10:00:00.000Z",
       "revision_history": [
         {
-          "date": "2021-05-06T10:00:00.000Z",
+          "date": "2023-09-06T10:00:00.000Z",
           "number": "1",
           "summary": "Initial version."
         },
         {
-          "date": "2021-07-21T11:00:00.000Z",
+          "date": "2024-01-21T11:00:00.000Z",
           "number": "2",
           "summary": "Second version."
         }
@@ -169,7 +169,7 @@ The relevant path for this test is:
     }
 ```
 
-> The initial release date `2021-04-22T10:00:00.000Z` is older than `2021-05-06T10:00:00.000Z` which is the `date` of
+> The initial release date `2023-08-22T10:00:00.000Z` is older than `2023-09-06T10:00:00.000Z` which is the `date` of
 > the oldest item in Revision History.
 
 ### Older Current Release Date than Revision History
@@ -186,16 +186,16 @@ The relevant path for this test is:
 
 ```
     "tracking": {
-      "current_release_date": "2021-05-06T10:00:00.000Z",
+      "current_release_date": "2023-09-06T10:00:00.000Z",
       // ...
       "revision_history": [
         {
-          "date": "2021-05-06T10:00:00.000Z",
+          "date": "2023-09-06T10:00:00.000Z",
           "number": "1",
           "summary": "Initial version."
         },
         {
-          "date": "2021-07-21T11:00:00.000Z",
+          "date": "2024-01-21T11:00:00.000Z",
           "number": "2",
           "summary": "Second version."
         }
@@ -204,7 +204,7 @@ The relevant path for this test is:
     }
 ```
 
-> The current release date `2021-05-06T10:00:00.000Z` is older than `2021-05-23T1100:00.000Z` which is the `date` of
+> The current release date `2023-09-06T10:00:00.000Z` is older than `2023-09-23T1100:00.000Z` which is the `date` of
 > the newest item in Revision History.
 
 ### Missing Date in Involvements
@@ -367,13 +367,13 @@ The relevant path for this test is:
       {
         "category": "self",
         "summary": "A non-canonical URL.",
-        "url": "https://example.com/security/data/csaf/2021/OASIS_CSAF_TC-CSAF_2.0-2021-6-2-11-01_1.json"
+        "url": "https://example.com/security/data/csaf/2024/oasis_csaf_tc-csaf_2.1-2024-6-2-11-01_1.json"
       }
     ],
     // ...
     "tracking": {
       // ...
-      "id": "OASIS_CSAF_TC-CSAF_2.0-2021-6-2-11-01",
+      "id": "OASIS_CSAF_TC-CSAF_2.1-2024-6-2-11-01",
       // ...
       "version": "1"
     },
@@ -398,7 +398,7 @@ The relevant path for this test is:
 ```
   "document": {
     "category": "csaf_base",
-    "csaf_version": "2.0",
+    "csaf_version": "2.1",
     "publisher": {
       // ...
     },
@@ -422,7 +422,7 @@ The relevant path for this test is:
 
 ```
   "document": {
-    "csaf_version": "2.0",
+    "csaf_version": "2.1",
     "category": "csaf_base",
     // ...
   }
@@ -631,7 +631,7 @@ The relevant path for this test is:
 ```
   "document": {
     "category": "csaf_base",
-    "csaf_version": "2.0",
+    "csaf_version": "2.1",
     "custom_property": "any",
     // ...
   }