[Openvas-commits] r11913 - in trunk/gsa: . src/html

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue Nov 1 13:58:40 CET 2011 

Author: hdoreau
Date: 2011-11-01 13:58:39 +0100 (Tue, 01 Nov 2011)
New Revision: 11913

Modified:
   trunk/gsa/ChangeLog
   trunk/gsa/src/html/omp.xsl
Log:
* src/html/omp.xsl (get_info_response, cpe-details): Display associated
vulnerabilities of a CPE even if this one isn't present in the
official CPE dictionary.


Modified: trunk/gsa/ChangeLog
===================================================================
--- trunk/gsa/ChangeLog	2011-11-01 12:58:35 UTC (rev 11912)
+++ trunk/gsa/ChangeLog	2011-11-01 12:58:39 UTC (rev 11913)
@@ -1,3 +1,9 @@
+2011-11-01  Henri Doreau <henri.doreau at greenbone.net>
+
+	* src/html/omp.xsl (get_info_response, cpe-details): Display associated
+	vulnerabilities of a CPE even if this one isn't present in the
+	official CPE dictionary.
+
 2011-10-31  Matthew Mundell <matthew.mundell at greenbone.net>
 
 	* src/html/omp.xsl (html-report-details): Add prognostic case for the page

Modified: trunk/gsa/src/html/omp.xsl
===================================================================
--- trunk/gsa/src/html/omp.xsl	2011-11-01 12:58:35 UTC (rev 11912)
+++ trunk/gsa/src/html/omp.xsl	2011-11-01 12:58:39 UTC (rev 11913)
@@ -8334,7 +8334,11 @@
       <xsl:when test="count (cve) > 0">
         <xsl:call-template name="cve-details"/>
       </xsl:when>
-      <xsl:when test="count (cpe) > 0">
+      <!--
+        Display CPEs that have no details associated if they are referenced
+        by one or several CVEs.
+      -->
+      <xsl:when test="count (cpe) > 0 and (count (cpe/cpe:item/cpe:title) > 0 or count (cpe/cves/cve) > 0)">
         <xsl:call-template name="cpe-details"/>
       </xsl:when>
       <xsl:when test="count (nvt) > 0">
@@ -8352,15 +8356,17 @@
         <div class="gb_window_part_center">Get details</div>
         <div class="gb_window_part_content">
           <xsl:choose>
-            <xsl:when test="contains (@status_text, 'cpe:/')">
+            <xsl:when test="contains (@status_text, 'cpe:/') or @status = '200'">
               <h1>Unknown product</h1>
+              <xsl:if test="@status != '200'">
+                <p>
+                  <xsl:value-of select="@status_text"/>
+                </p>
+              </xsl:if>
               <p>
-                <xsl:value-of select="@status_text"/>
+                Please ensure that your SCAP data is up to date. If the
+                problem persists after a sync, please report this as a bug.
               </p>
-              <p>
-                This is not necessarily an error. This CPE was likely referenced
-                by one or more CVE but isn't present in the official CPE dictionary.
-              </p>
             </xsl:when>
             <xsl:when test="contains (@status_text, 'CVE-')">
               <h1>Unknown vulnerability</h1>
@@ -8588,21 +8594,27 @@
           <td><xsl:value-of select="text()"/></td>
         </tr>
       </xsl:for-each>
-      <tr>
-        <td>NVD ID</td>
-        <td><xsl:value-of select="cpe/cpe:cpe-item/meta:item-metadata/@nvd-id"/></td>
-      </tr>
-      <tr>
-        <td>Last modified</td>
-        <td><xsl:value-of select="cpe/cpe:cpe-item/meta:item-metadata/@modification-date"/></td>
-      </tr>
-      <xsl:if test="cpe/cpe:cpe-item/@deprecated='true'">
+      <xsl:if test="count(cpe/cpe:cpe-item/meta:item-metadata) &gt; 0">
         <tr>
-          <td>Deprecated by</td>
-          <td><xsl:value-of select="cpe/cpe:cpe-item/@deprecated_by"/></td>
+          <td>NVD ID</td>
+          <td><xsl:value-of select="cpe/cpe:cpe-item/meta:item-metadata/@nvd-id"/></td>
         </tr>
+        <tr>
+          <td>Last modified</td>
+          <td><xsl:value-of select="cpe/cpe:cpe-item/meta:item-metadata/@modification-date"/></td>
+        </tr>
+        <xsl:if test="cpe/cpe:cpe-item/@deprecated='true'">
+          <tr>
+            <td>Deprecated by</td>
+            <td><xsl:value-of select="cpe/cpe:cpe-item/@deprecated_by"/></td>
+          </tr>
+        </xsl:if>
       </xsl:if>
     </table>
+    <xsl:if test="count(cpe/cpe:cpe-item/cpe:title) = 0">
+      This CPE doesn't appear in the CPE dictionary but is referenced by one
+      or more CVE.
+    </xsl:if>
     <xsl:choose>
       <xsl:when test="count(cpe/cves/cve) = 0">
         <h1>Reported vulnerabilites: None</h1>

More information about the Openvas-commits mailing list