You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
/product_tree/*/product/product_identification_helper: Provides at least one method which aids in identifying the product in an asset database. It was introduced to group different ways to identify a product/
/product_tree/*/product/product_identification_helper/hashes: Contains a list of cryptographic hashes usable to identify files.
/product_tree/*/product/product_identification_helper/purl: The package URL (purl) attribute refers to a method for reliably identifying and locating software packages external to this specification.
/product_tree/*/product/product_identification_helper/sbom_urls: Contains a list of URLs where SBOMs for this product can be retrieved.
/product_tree/*/product/product_identification_helper/serial_numbers: Contains a list of parts, or full serial numbers.
/product_tree/*/product/product_identification_helper/skus: Contains a list of parts, or full stock keeping units.
/product_tree/*/product/product_identification_helper/x_generic_uris: Contains a list of identifiers which are either vendor-specific or derived from a standard not yet supported.
/product_tree/relationships[]: If more than one prod:FullProductName instance is given, the CVRF CSAF converter converts the first one into the full_product_name. In addition, the converter outputs a warning that information might be lost during conversion of product relationships. quoted here
The text was updated successfully, but these errors were encountered:
Part of EPIC #10
CVRF 1.1 view
changed 1.2 -> 2.0 spec
E.1 Newly introduced elements
/product_tree/*/product/product_identification_helper
: Provides at least one method which aids in identifying the product in an asset database. It was introduced to group different ways to identify a product//product_tree/*/product/product_identification_helper/hashes
: Contains a list of cryptographic hashes usable to identify files./product_tree/*/product/product_identification_helper/purl
: The package URL (purl) attribute refers to a method for reliably identifying and locating software packages external to this specification./product_tree/*/product/product_identification_helper/sbom_urls
: Contains a list of URLs where SBOMs for this product can be retrieved./product_tree/*/product/product_identification_helper/serial_numbers
: Contains a list of parts, or full serial numbers./product_tree/*/product/product_identification_helper/skus
: Contains a list of parts, or full stock keeping units./product_tree/*/product/product_identification_helper/x_generic_uris
: Contains a list of identifiers which are either vendor-specific or derived from a standard not yet supported.E.2 Changed elements
Around 130 element changes are documented -->
/cvrf:cvrfdoc/prod:ProductTree
Field definitions
3.2.2 Product Tree Property
/product_tree/relationships[]
: If more than oneprod:FullProductName
instance is given, the CVRF CSAF converter converts the first one into the full_product_name. In addition, the converter outputs a warning that information might be lost during conversion of product relationships. quoted hereThe text was updated successfully, but these errors were encountered: