3 # project specific details
5 config['project'] = "openssl"
6 config['vendor_name'] = "OpenSSL"
7 config['product_name'] = "OpenSSL"
8 config['cve_meta_assigner'] = "openssl-security@openssl.org"
9 # Versions of OpenSSL we never released, to allow us to display ranges
10 config['neverreleased'] = "1.0.0h,"
11 config['security_policy_url'] = "https://www.openssl.org/policies/secpolicy.html#"
12 config['git_prefix'] = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h="
13 config['default_reference_prefix'] = "https://www.openssl.org"
15 def merge_affects(issue,base):
16 # let's merge the affects into a nice list which is better for Mitre text but we have to take into account our stange lettering scheme
21 for affects in issue.getElementsByTagName('affects'): # so we can sort them
22 version = affects.getAttribute("version")
23 if (not base or base in version):
25 for ver in sorted(vlist):
26 # print "version %s (last was %s, next was %s)" %(ver,prev,anext)
29 elif len(alist[-1]) > 1:
34 if (unicode.isdigit(ver[-1])): # First version after 1.0.1 is 1.0.1a
36 elif (ver[-1] == "y"):
37 anext = ver[:-1] + "za" # We ran out of letters once so y->za->zb....
39 anext = ver[:-1]+chr(ord(ver[-1])+1) # otherwise after 1.0.1a is 1.0.1b
40 while (anext in config['neverreleased']): # skip unreleased versions
41 anext = anext[:-1]+chr(ord(anext[-1])+1)
43 return ",".join(['-'.join(map(str,aff)) for aff in alist])