r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Merge pull request #394 from cisagov/improvement/use_issue_forms

Browse Source 
Use issue forms to streamline the issue submission process
pull/405/head^2
Nick 2 years ago committed by GitHub
parent 4e7d97c66f acdfb7fedc
commit 6659597ecf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 162 additions and 27 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 82
      .github/ISSUE_TEMPLATE/product-submission-form.yml
  2. 27
      .github/ISSUE_TEMPLATE/product-submission-template.md
  3. 80
      .github/ISSUE_TEMPLATE/product-update-form.yml

82
.github/ISSUE_TEMPLATE/product-submission-form.yml
Unescape View File

@ -0,0 +1,82 @@
---
name: Submit a Product
description: Submit a product to the database
title: "[Product Submission]: <vendor> - <product>"
body:
- type: input
id: product-vendor
attributes:
label: Product vendor
description: Who is the vendor for the product?
placeholder: Cisco, Dell, IBM, etc.
validations:
required: true
- type: input
id: product-name
attributes:
label: Product name
description: What is the name of the product?
placeholder: AppDynamics, BigFix Inventory, Centera, etc.
validations:
required: true
- type: input
id: product-versions
attributes:
label: Product version(s)
description: What version(s) of the product is (are) affected?
placeholder: v2; 1.5; >3; >=4; >5, <6; etc.
validations:
required: true
- type: dropdown
id: product-status
attributes:
label: Product status
description: What is the current status of the affected product?
options:
- Unknown
- Affected
- Not Affected
- Fixed
- Under Investigation
validations:
required: true
- type: markdown
attributes:
value: |
Please use the information below when selecting a status.
- Unknown - Status unknown. Default choice.
- Affected - Reported to be affected by CVE-2021-44228.
- Not Affected - Reported to NOT be affected by CVE-2021-44228 and no
further action necessary.
- Fixed - Patch and/or mitigations available (see provided links).
- Under Investigation - Vendor investigating status.
- type: dropdown
id: product-updated
attributes:
label: Product update
description: Is there an update available for the product?
options:
- Available
- Not Available
validations:
required: true
- type: input
id: product-update-link
attributes:
label: Product update link
description: Where can the update be found, if one is available?
- type: input
id: product-last-updated
attributes:
label: Last updated
description: When was the product last updated?
placeholder: "2021-12-06"
- type: textarea
id: product-notes
attributes:
label: Notes
- type: textarea
id: product-references
attributes:
label: References

27
.github/ISSUE_TEMPLATE/product-submission-template.md
Unescape View File

@ -1,27 +0,0 @@
---
name: Product Submission Template
about: Template for product submissions of all publicly available information
and vendor-supplied advisories regarding the log4j vulnerability.
---
# Submission Template #
Please provide the following information.
- Vendor Name
- Product Name
- Version(s) affected
- Status: Please choose from one of the following - Unknown, Affected,
Not Affected, Fixed, and Under Investigation.
- Update Available: Yes or No (If Yes, please provide link to information)
- Notes
- References
- Last Updated: Date of last update
For questions about choice for status, please see the information below.
- Unknown - Status unknown. Default choice.
- Affected - Reported to be affected by CVE-2021-44228.
- Not Affected - Reported to NOT be affected by CVE-2021-44228 and no further
action necessary.
- Fixed - Patch and/or mitigations available (see provided links).
- Under Investigation - Vendor investigating status.

80
.github/ISSUE_TEMPLATE/product-update-form.yml
Unescape View File

@ -0,0 +1,80 @@
---
name: Update a Product
description: Update information about a product in the database
title: "[Product Update]: <vendor> - <product>"
body:
- type: input
id: product-vendor
attributes:
label: Product vendor
description: Who is the vendor for the product?
placeholder: Cisco, Dell, IBM, etc.
validations:
required: true
- type: input
id: product-name
attributes:
label: Product name
description: What is the name of the product?
placeholder: AppDynamics, BigFix Inventory, Centera, etc.
validations:
required: true
- type: textarea
id: update-context
attributes:
label: Context
description: Please provide context around the update.
- type: input
id: product-versions
attributes:
label: Product version(s)
description: What version(s) of the product are affected?
- type: dropdown
id: product-status
attributes:
label: Product status
description: What is the current status of the affected product?
options:
- Unknown
- Affected
- Not Affected
- Fixed
- Under Investigation
- type: markdown
attributes:
value: |
Please use the information below when selecting a status.
- Unknown - Status unknown. Default choice.
- Affected - Reported to be affected by CVE-2021-44228.
- Not Affected - Reported to NOT be affected by CVE-2021-44228 and no
further action necessary.
- Fixed - Patch and/or mitigations available (see provided links).
- Under Investigation - Vendor investigating status.
- type: dropdown
id: product-updated
attributes:
label: Product update
description: Is there an update available for the product?
options:
- Available
- Not Available
- type: input
id: product-update-link
attributes:
label: Product update link
description: Where can the update be found, if one is available?
- type: input
id: product-last-updated
attributes:
label: Last updated
description: When was the product last updated?
placeholder: "2021-12-06"
- type: textarea
id: product-notes
attributes:
label: Notes
- type: textarea
id: product-references
attributes:
label: References
Write Preview
Loading…
Cancel
Save