Merge pull request #700 from tschmidtb51/editorial-2024-02-28

Editorial 2024 02 24
oasis-tcs · Feb 26, 2024 · 641b1d0 · 641b1d0
2 parents 59c16eb + 1ef57cb
commit 641b1d0
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 18 deletions.
diff --git a/csaf_2.1/prose/edit/src/distributing.md b/csaf_2.1/prose/edit/src/distributing.md
@@ -171,8 +171,8 @@ value of `/document/tracking/initial_release_date`.
 *Examples 1:*
 
 ```
-2021
-2020
+2024
+2023
 ```
 
 ### Requirement 12: index.txt
@@ -182,9 +182,10 @@ The index.txt file within MUST provide a list of all filenames of CSAF documents
 *Example 1:*
 
 ```
-2020/example_company_-_2020-yh4711.json
-2019/example_company_-_2019-yh3234.json
-2018/example_company_-_2018-yh2312.json
+2023/esa-2023-09953.json
+2022/esa-2022-02723.json
+2021/esa-2021-31916.json
+2021/esa-2021-03676.json
 ```
 
 > This can be used to download all CSAF documents.
@@ -197,10 +198,10 @@ CSAF document in the sub-directories without a heading; lines MUST be sorted by
 *Example 1:*
 
 ```
-"2020/example_company_-_2020-yh4711.json","2020-07-01T10:09:07Z"
-"2018/example_company_-_2018-yh2312.json","2020-07-01T10:09:01Z"
-"2019/example_company_-_2019-yh3234.json","2019-04-17T15:08:41Z"
-"2018/example_company_-_2018-yh2312.json","2019-03-01T06:01:00Z"
+"2023/esa-2023-09953.json","2023-07-01T10:09:07Z"
+"2021/esa-2021-03676.json","2023-07-01T10:09:01Z"
+"2022/esa-2022-02723.json","2022-04-17T15:08:41Z"
+"2021/esa-2021-31916.json","2022-03-01T06:01:00Z"
 ```
 
 ### Requirement 14: Directory listings
@@ -388,9 +389,9 @@ MD5 and SHA1 SHOULD NOT be used.
 *Example 1:*
 
 ```
-File name of CSAF document: example_company_-_2019-yh3234.json
-File name of SHA-256 hash file: example_company_-_2019-yh3234.json.sha256
-File name of SHA-512 hash file: example_company_-_2019-yh3234.json.sha512
+File name of CSAF document: esa-2022-02723.json
+File name of SHA-256 hash file: esa-2022-02723.json.sha256
+File name of SHA-512 hash file: esa-2022-02723.json.sha512
 ```
 
 The file content SHALL start with the first byte of the hexadecimal hash value.
@@ -399,7 +400,7 @@ Any subsequent data (like a filename) which is optional SHALL be separated by at
 *Example 2:*
 
 ```
-ea6a209dba30a958a78d82309d6cdcc6929fcb81673b3dc4d6b16fac18b6ff38  example_company_-_2019-yh3234.json
+ea6a209dba30a958a78d82309d6cdcc6929fcb81673b3dc4d6b16fac18b6ff38  esa-2022-02723.json
 ```
 
 If a ROLIE feed exists, each hash file MUST be listed in it as described in requirement 15.
@@ -412,8 +413,8 @@ extended by the appropriate extension. See [cite](#RFC4880) for more details.
 *Example 1:*
 
 ```
-File name of CSAF document: example_company_-_2019-yh3234.json
-File name of signature file: example_company_-_2019-yh3234.json.asc
+File name of CSAF document: esa-2022-02723.json
+File name of signature file: esa-2022-02723.json.asc
 ```
 
 If a ROLIE feed exists, each signature file MUST be listed in it as described in requirement 15.

diff --git a/csaf_2.1/prose/edit/src/introduction-04-informative-references.md b/csaf_2.1/prose/edit/src/introduction-04-informative-references.md
@@ -127,7 +127,7 @@ VEX
 
 VEX-Justification
 :    _Vulnerability Exploitability eXchange (VEX) - Status Justifications_, VEX sub-group of the Framing Working Group in the CISA SBOM initiative,
-XX May 2022, https://www.cisa.gov/sites/default/files/publications/VEX_Status_Justification_Jun22.pdf.
+June 2022, https://www.cisa.gov/sites/default/files/publications/VEX_Status_Justification_Jun22.pdf.
 
 XML
 :    _Extensible Markup Language (XML) 1.0 (Fifth Edition)_, T. Bray, J. Paoli, M. Sperberg-McQueen, E. Maler, F. Yergeau, Editors,

diff --git a/csaf_2.1/prose/edit/src/schema-elements-01-defs-03-full-product-name.md b/csaf_2.1/prose/edit/src/schema-elements-01-defs-03-full-product-name.md
@@ -311,7 +311,7 @@ abbreviated (partial) stock keeping units.
 
 A list of stock keeping units SHOULD only be used if the list of relationships is used to decouple e.g. hardware from the software,
 or the stock keeping units change during update.
-In the latter case the remediations SHALL include the new stock keeping units is or a description how it can be obtained.
+In the latter case the remediations SHALL include the new stock keeping units or a description how it can be obtained.
 
 > The use of the list of relationships in the first case is important.
 > Otherwise, the end user is unable to identify which version (the affected or the not affected / fixed one) is used.

diff --git a/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md b/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md
@@ -207,7 +207,7 @@ The default value is the URL to the definition by FIRST:
 
 ```
     https://www.us-cert.gov/tlp
-    https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Kritis/Merkblatt_TLP.pdf
+    https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/TLP/merkblatt-tlp.pdf
 ```
 
 #### Document Property - Language