From 8c7364a9e8b3a4173df41ae7d0726f91a49c76a7 Mon Sep 17 00:00:00 2001
From: Ailin Nemui <ailin@z30a.localdomain>
Date: Thu, 8 Jun 2017 19:04:25 +0200
Subject: nest a bit more and simplify yaml

---
 security/index.html | 79 ++++++++++++++++++++++++++++++++---------------------
 1 file changed, 48 insertions(+), 31 deletions(-)

(limited to 'security/index.html')

diff --git a/security/index.html b/security/index.html
index dd66378..b1af350 100644
--- a/security/index.html
+++ b/security/index.html
@@ -1,53 +1,70 @@
 ---
 layout: page
 title: Security
-permalink: /security/
+permalink: security/
 categories: [ _nav ]
 ---
 <table class="table">
     <thead>
-        <tr class="text-nowrap">
-            <th>Links</th>
-	    <th>Exploitable by</th>
-	    <th>Affected versions</th>
-	    <th>Fixed in version</th>
+	<tr class="text-nowrap">
+	    <th colspan="2">Links</th>
+	    <th>Exploitable</th>
+	    <th colspan="3">Versions affected</th>
+	    <th>Fixed</th>
 	    <th>Release date</th>
 	    <th>Git commit</th>
 	    <th>Credit</th>
-	    <th>Description</th>
-        </tr>
+	    <th colspan="2">Description</th>
+	</tr>
     </thead>
-    <tbody>
 {% assign advisories = site.data.security %}
 {% for advisory in advisories reversed %}
+    <tbody>
 	<tr>
-	    <td>{{ advisory.name }}</td>
-	    <td></td>
-	    <td></td>
-	    <td></td>
-	    <td>{{ advisory.release_date }}</td>
-	    <td><a href="https://github.com/irssi/{% if advisory.repo %}{{ advisory.repo }}{% else %}irssi{% endif %}/commit/{{ advisory.git_commit }}">{{ advisory.git_commit | truncate: 8, "" }}</a></td>
-	    <td></td>
-	    <td></td>
+	    <th colspan="3">{% if advisory.link %}<a href="{{ advisory.link }}">{{ advisory.name }}</a>{% elsif advisory.name contains "-SA-" %}<a href="{{ site.baseurl }}/security/{{ advisory.name | slugify	 | replace: '-', '_' }}.txt">{{ advisory.name }}</a>{% else %}{{ advisory.name }}{% endif %}</th>
+	    <th colspan="4">{% if advisory.affected_note %}{{ advisory.affected_note }}{% endif %}</th>
+	    <th>{{ advisory.release_date }}</th>
+	    <th>{% if advisory.git_commit %}<a class="link-icon" href="https://github.com/irssi/{% if advisory.repo %}{{ advisory.repo }}{% else %}irssi{% endif %}/commit/{{ advisory.git_commit }}"> </a>{% endif %}</th>
+	    <th colspan="3"></th>
 	</tr>
+    </tbody>
+	<tbody>
 	{% for bug in advisory.bugs %}
-        	<tr>
-		    <td class="text-nowrap">
-		        {% for link in bug.external_links %}
+		<tr{% if bug.important %} class="warning"{% endif %}>
+		    <td rowspan="3"></td>
+		    <td rowspan="3" class="text-nowrap">
+			{% if bug.name %}
+			<div>{% if bug.link %}<a href="{{ bug.link }}">{{ bug.name }}</a>{% else %}{{ bug.name }}{% endif %}</div>
+			{% endif %}
+			{% if bug.cve %}
+			<div><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ bug.cve }}">{{ bug.cve }}</a></div>
+			{% endif %}
+			{% for link in bug.external_links %}
 			<div><a href="{{ link.url }}">{{ link.id }}</a></div>
-		        {% endfor %}
+			{% endfor %}
 		    </td>
-		    <td>{{ bug.exploitable_by }}</td>
-		    <td>{{ bug.affected_versions }}</td>
-		    <td>
+		    <td rowspan="3">{{ bug.exploitable_by }}</td>
+		    <td class="has-next-row" colspan="4">{% if bug.affected_note_top %}{{ bug.affected_note_top }}{% endif %}</td>
+		    <td rowspan="3">{% comment %} release date {% endcomment %}</td>
+		    <td rowspan="3">{% if bug.git_commit %}<a class="link-icon" href="https://github.com/irssi/{% if bug.repo %}{{ bug.repo }}{% else %}irssi{% endif %}/commit/{{ bug.git_commit }}"> </a>{% endif %}</td>
+		    <td rowspan="3">{{ bug.credit }}</td>
+		    <td rowspan="3">{{ bug.description }}</td>
+		    <td rowspan="3"></td>
+		</tr>
+		<tr{% if bug.important %} class="warning"{% endif %}>
+		    <td class="has-next-row has-previous-row">{{ bug.affected_versions.from }}</td>
+		    <td class="has-next-row has-previous-row">&ndash;</td>
+		    <td class="has-next-row has-previous-row">{{ bug.affected_versions.to }}</td>
+		    <td class="has-next-row has-previous-row">
 			{{ bug.fixed_version }}
 		    </td>
-		    <td></td>
-		    <td></td>
-		    <td>{{ bug.credit }}</td>
-		    <td>{{ bug.description }}</td>
-        	</tr>
+		</tr>
+		<tr{% if bug.important %} class="warning"{% endif %}>
+		    <td class="has-previous-row" colspan="3">{% if bug.affected_note_bottom %}{{ bug.affected_note_bottom }}{% endif %}</td>
+		    <td class="has-previous-row"></td>
+		</tr>
 	{% endfor %}
+	</tbody>
 {% endfor %}
     </tbody>
 </table>
@@ -66,11 +83,11 @@ categories: [ _nav ]
 	Example: malformed color codes inside a message
     </li>
     <li>
-	<b>Local users</b>: Exploitable by unprivileged system users with access to the same filesystem<br />
+	<b>Local</b>: Exploitable by unprivileged system users with access to the same filesystem<br />
 	Example: CVE-2016-7553 (buf.pl information disclosure)
     </li>
     <li>
-	<b>Local formats</b>: Exploitable through internal format codes used in themes and configs. These are not normally processed from the network but may be in combination with buggy scripts.<br />
+	<b>Formats</b>: Exploitable through internal format codes used in themes and configs. These are not normally processed from the network but may be in combination with buggy scripts.<br />
 	Example: CVE-2017-5356 (Crash on <code>%[</code>)
     </li>
 </ul>
-- 
cgit v1.2.3