diff options
| author | Ailin Nemui <ailin@z30a.localdomain> | 2017-06-08 19:04:25 +0200 |
|---|---|---|
| committer | Ailin Nemui <ailin@z30a.localdomain> | 2017-06-08 19:04:30 +0200 |
| commit | 8c7364a9e8b3a4173df41ae7d0726f91a49c76a7 (patch) | |
| tree | cb2d6de8ed7b3df16d5bd21cbee099d7ec265fcd /security/index.html | |
| parent | a1173885097328f366e81e8a7ec5e8da4afc05c3 (diff) | |
| download | irssi.github.io-8c7364a9e8b3a4173df41ae7d0726f91a49c76a7.zip | |
nest a bit more and simplify yaml
Diffstat (limited to 'security/index.html')
| -rw-r--r-- | security/index.html | 79 |
1 files changed, 48 insertions, 31 deletions
diff --git a/security/index.html b/security/index.html index dd66378..b1af350 100644 --- a/security/index.html +++ b/security/index.html @@ -1,53 +1,70 @@ --- layout: page title: Security -permalink: /security/ +permalink: security/ categories: [ _nav ] --- <table class="table"> <thead> - <tr class="text-nowrap"> - <th>Links</th> - <th>Exploitable by</th> - <th>Affected versions</th> - <th>Fixed in version</th> + <tr class="text-nowrap"> + <th colspan="2">Links</th> + <th>Exploitable</th> + <th colspan="3">Versions affected</th> + <th>Fixed</th> <th>Release date</th> <th>Git commit</th> <th>Credit</th> - <th>Description</th> - </tr> + <th colspan="2">Description</th> + </tr> </thead> - <tbody> {% assign advisories = site.data.security %} {% for advisory in advisories reversed %} + <tbody> <tr> - <td>{{ advisory.name }}</td> - <td></td> - <td></td> - <td></td> - <td>{{ advisory.release_date }}</td> - <td><a href="https://github.com/irssi/{% if advisory.repo %}{{ advisory.repo }}{% else %}irssi{% endif %}/commit/{{ advisory.git_commit }}">{{ advisory.git_commit | truncate: 8, "" }}</a></td> - <td></td> - <td></td> + <th colspan="3">{% if advisory.link %}<a href="{{ advisory.link }}">{{ advisory.name }}</a>{% elsif advisory.name contains "-SA-" %}<a href="{{ site.baseurl }}/security/{{ advisory.name | slugify | replace: '-', '_' }}.txt">{{ advisory.name }}</a>{% else %}{{ advisory.name }}{% endif %}</th> + <th colspan="4">{% if advisory.affected_note %}{{ advisory.affected_note }}{% endif %}</th> + <th>{{ advisory.release_date }}</th> + <th>{% if advisory.git_commit %}<a class="link-icon" href="https://github.com/irssi/{% if advisory.repo %}{{ advisory.repo }}{% else %}irssi{% endif %}/commit/{{ advisory.git_commit }}"> </a>{% endif %}</th> + <th colspan="3"></th> </tr> + </tbody> + <tbody> {% for bug in advisory.bugs %} - <tr> - <td class="text-nowrap"> - {% for link in bug.external_links %} + <tr{% if bug.important %} class="warning"{% endif %}> + <td rowspan="3"></td> + <td rowspan="3" class="text-nowrap"> + {% if bug.name %} + <div>{% if bug.link %}<a href="{{ bug.link }}">{{ bug.name }}</a>{% else %}{{ bug.name }}{% endif %}</div> + {% endif %} + {% if bug.cve %} + <div><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ bug.cve }}">{{ bug.cve }}</a></div> + {% endif %} + {% for link in bug.external_links %} <div><a href="{{ link.url }}">{{ link.id }}</a></div> - {% endfor %} + {% endfor %} </td> - <td>{{ bug.exploitable_by }}</td> - <td>{{ bug.affected_versions }}</td> - <td> + <td rowspan="3">{{ bug.exploitable_by }}</td> + <td class="has-next-row" colspan="4">{% if bug.affected_note_top %}{{ bug.affected_note_top }}{% endif %}</td> + <td rowspan="3">{% comment %} release date {% endcomment %}</td> + <td rowspan="3">{% if bug.git_commit %}<a class="link-icon" href="https://github.com/irssi/{% if bug.repo %}{{ bug.repo }}{% else %}irssi{% endif %}/commit/{{ bug.git_commit }}"> </a>{% endif %}</td> + <td rowspan="3">{{ bug.credit }}</td> + <td rowspan="3">{{ bug.description }}</td> + <td rowspan="3"></td> + </tr> + <tr{% if bug.important %} class="warning"{% endif %}> + <td class="has-next-row has-previous-row">{{ bug.affected_versions.from }}</td> + <td class="has-next-row has-previous-row">–</td> + <td class="has-next-row has-previous-row">{{ bug.affected_versions.to }}</td> + <td class="has-next-row has-previous-row"> {{ bug.fixed_version }} </td> - <td></td> - <td></td> - <td>{{ bug.credit }}</td> - <td>{{ bug.description }}</td> - </tr> + </tr> + <tr{% if bug.important %} class="warning"{% endif %}> + <td class="has-previous-row" colspan="3">{% if bug.affected_note_bottom %}{{ bug.affected_note_bottom }}{% endif %}</td> + <td class="has-previous-row"></td> + </tr> {% endfor %} + </tbody> {% endfor %} </tbody> </table> @@ -66,11 +83,11 @@ categories: [ _nav ] Example: malformed color codes inside a message </li> <li> - <b>Local users</b>: Exploitable by unprivileged system users with access to the same filesystem<br /> + <b>Local</b>: Exploitable by unprivileged system users with access to the same filesystem<br /> Example: CVE-2016-7553 (buf.pl information disclosure) </li> <li> - <b>Local formats</b>: Exploitable through internal format codes used in themes and configs. These are not normally processed from the network but may be in combination with buggy scripts.<br /> + <b>Formats</b>: Exploitable through internal format codes used in themes and configs. These are not normally processed from the network but may be in combination with buggy scripts.<br /> Example: CVE-2017-5356 (Crash on <code>%[</code>) </li> </ul> |