Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
cvereport(1)		       cvereport Manual			  cvereport(1)

NAME
       cvereport - Generate an HTML report for the cvechecker output

SYNOPSIS
       cvereport [-d | -D] <targetdir> <acknowledgementfile>

DESCRIPTION
       The cvereport tool will generate	an HTML	report based on	the cvechecker
       output. The report is generated based on	some simple XML/XSLT transfor-
       mations	and uses an acknowledgement file to keep track of the state of
       the CVE entries matching	your system.

USAGE
   COMMAND USAGE
       The command requires two	user-specified options:

        The targetdir is an existing, writeable directory where cvereport can
	 store its report.html output.

        The acknowledgementfile is an existing, readable XML file  that  con-
	 tains the analysis of the CVE entries for your	system

       The difference between -d and -D	is that

        -d runs the standard cvechecker report, whereas

        -D  runs  the cvechecker report including matches for higher versions
	 of the	installed software

   ACKNOWLEDGEMENT FILE	FORMAT
       The XML file for	the acknowledgements uses the following	syntax:

       <?xml version="1.0"?>
       <acknowledgements>
	 <resolution id="resolution_id_1">Comment about	why a CVE entry	is irrelevant for your system</resolution>
	 <resolution id="resolution_id_2">Another comment</resolution>
	 <comment id="comment_id_1">Comment why	the CVE	is acknowledged, but not resolved</comment>
	 <file name="/path/to/filename1" cve="CVE-2000-1234" state="irrelevant"	resolution="resolution_id_1" />
	 <file name="/path/to/filename2" cve="CVE-2000-5678" state="irrelevant"	resolution="resolution_id_2" />
	 <file name="/path/to/filename3" cve="CVE-2001-9012" state="acknowledged" comment="comment_id_1" />
       </acknowledgements>

       The use of comments or resolutions within the file entity is not	manda-
       tory, but recommended.

AUTHOR
       cvereport is part of the	cvechecker tool. cvereport was written by Sven
       Vermeulen <sven.vermeulen@siphos.be>.

September 1, 2010	       27 November 2010			  cvereport(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=cvereport&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help