Merge pull request #210 from CVEProject/npo-192

alinh-mitre · web-flow · commit 37d3bac23aa5 · 2021-05-10T13:40:47.000-04:00
#192 Content updates to glossary page
diff --git a/src/assets/data/faqs.json b/src/assets/data/faqs.json
@@ -166,7 +166,7 @@
 				"questionId": "what_is_cve_record",
 				"questionText": "What is a CVE Record",
 				"questionResponseParagraphs": [
-					"A CVE Record is the descriptive data about a <a href='/About/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a> associated with a CVE ID, provided by a <a href='/About/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a>, and enriched by <a href='/About/Glossary?activeTerm=glossaryADP'>Authorized Data Publishers (ADPs)</a>. This data is provided in multiple human and machine-readable formats.",
+					"A CVE Record is the descriptive data about a <a href='/About/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a> associated with a CVE ID, provided by a <a href='/About/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a>, and enriched by Authorized Data Publishers (ADPs). This data is provided in multiple human and machine-readable formats.",
 					"See <a href='/About/Process#CVE_Records'>CVE Process</a> for additional information."
 				]
 			},
diff --git a/src/assets/data/glossaryEntries.json b/src/assets/data/glossaryEntries.json
@@ -1,9 +1,5 @@
 [
-    {
-        "id": "glossaryADP",
-	"term": "Authorized Data Publisher (ADP)",
-	"definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> to enrich a <span class='cve-term-reference'>CVE Record</span> previously published by a CNA with additional, related information (e.g., risk scores, affected product lists, and versions [i.e., references, translations]) within a defined Scope."
-    },
+
     {
 	"id": "glossaryCVE",
 	"term": "CVE",
@@ -16,7 +12,7 @@
     },
     {
 	"id": "glossaryCVEID",
-	"term": "CVE ID",
+	"term": "CVE Identifier (CVE ID)",
 	"definition": "A unique, alphanumeric identifier assigned by the <span class='cve-term-reference'>CVE Program</span>. Each identifier references a specific vulnerability. A CVE ID enables automation and multiple parties to discuss, share, and correlate information about a specific vulnerability, knowing they are referring to the same thing."
     },
     {
@@ -37,12 +33,12 @@
     {
 	"id": "glossaryProgram",
 	"term": "CVE Program",
-	"definition": "An international, community-driven effort to catalog <span class='cve-term-reference'>Vulnerabilities</span> in accordance with the effort’s rules and guidelines."
+	"definition": "An international, community-driven effort to catalog <span class='cve-term-reference'>vulnerabilities</span> in accordance with the effort’s rules and guidelines."
     },
     {
 	"id": "glossaryRecord",
 	"term": "CVE Record",
-	"definition": "The descriptive data about a <span class='cve-term-reference'>Vulnerability</span> associated with a <span class='cve-term-reference'>CVE ID</span>, provided by a <span class='cve-term-reference'>CNA</span>, and enriched by <span class='cve-term-reference'>ADPs</span>. This data is provided in multiple human and machine-readable formats. <p>A CVE Record is associated with one of the following states:</p><ul class='cve-term-definition-list'><li><span class='cve-term-reference'>Reserved</span>: The initial state for a CVE Record; when the associated CVE ID is Reserved by a CNA.</li><li><span class='cve-term-reference'>Published</span>: When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published. The associated data must contain an identification number (CVE ID), a prose description, and at least one public reference.</li><li><span class='cve-term-reference'>Rejected</span>: If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.</li></ul><p>See also:</p><ul class='cve-term-definition-list'><li>The full requirements for a CVE Record can be found in Section 8.1. CVE Entry Information Requirements of the CNA Rules document. Data elements within a CVE Record are defined in Section 7. Assignment Rules of the CNA Rules document.</li><li>See Section 8.3 Reference Requirements of the CNA Rules for the requirements for the <span class='cve-term-reference'>CVE Program</span> to consider a CVE ID public.</li></ul>"
+	"definition": "The descriptive data about a <span class='cve-term-reference'>Vulnerability</span> associated with a <span class='cve-term-reference'>CVE ID</span>, provided by a <span class='cve-term-reference'>CNA</span>. This data is provided in multiple human and machine-readable formats. <p>A CVE Record is associated with one of the following states:</p><ul class='cve-term-definition-list'><li><span class='cve-term-reference'>Reserved</span>: The initial state for a CVE Record; when the associated CVE ID is Reserved by a CNA.</li><li><span class='cve-term-reference'>Published</span>: When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published. The associated data must contain an identification number (CVE ID), a prose description, and at least one public reference.</li><li><span class='cve-term-reference'>Rejected</span>: If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.</li></ul><p>See also:</p><ul class='cve-term-definition-list'><li>The full requirements for a CVE Record can be found in <a href='/ResourcesSupport/AllResources/CNARules#section_8-1_cve_entry_information_requirements'> Section 8.1. CVE Record Information Requirements of the CNA Rules</a> document. Data elements within a CVE Record are defined in <a href ='/ResourcesSupport/AllResources/CNARules#section_7_assignment_rules'> Section 7. Assignment Rules </a> of the CNA Rules document.</li><li>See <a href ='/ResourcesSupport/AllResources/CNARules#section_8-3_cve_entry_reference_requirements'> Section 8.3 Reference Requirements</a> of the CNA Rules for the requirements for the <span class='cve-term-reference'>CVE Program</span> to consider a CVE ID public.</li></ul>"
     },
     {
 	"id": "glossaryWG",
@@ -56,8 +52,8 @@
     },
     {
 	"id": "glossaryRoot",
-	"term": "Root CNA",
-	"definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> that is responsible, within a specific Scope, for the recruitment, training, and governance of one or more entities that are a CVE <span class='cve-term-reference'>CNA</span>, <span class='cve-term-reference'>CNA-LR</span>, an <span class='cve-term-reference'>ADP</span>, or another Root CNA."
+	"term": "Root",
+	"definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> that is responsible, within a specific Scope, for the recruitment, training, and governance of one or more entities that are a <span class='cve-term-reference'>CNA</span>, <span class='cve-term-reference'>CNA-LR</span>, or another Root."
     },
     {
 	"id": "glossaryScope",
@@ -71,8 +67,8 @@
     },
     {
 	"id": "glossaryTLRCNA",
-	"term": "Top-Level Root CNA (TLR-CNA)",
-	"definition": "A <span class='cve-term-reference'>Root CNA</span> that does not report to another Root CNA, and is thus responsible to the <span class='cve-term-reference'>CVE Board</span>."
+	"term": "Top-Level Root (TL-Root)",
+	"definition": "A <span class='cve-term-reference'>Root</span> that does not report to another Root, and is thus responsible to the <span class='cve-term-reference'>CVE Board</span>."
     },
     {
 	"id": "glossaryVulnerability",
diff --git a/src/views/About/Process.vue b/src/views/About/Process.vue
@@ -126,7 +126,7 @@
                         <div class="block">
                           <p>A CVE Record is the descriptive data about a vulnerability associated with a CVE ID, provided by a CVE Numbering
                             Authority (<router-link to='/About/Glossary?activeTerm=glossaryCNA'>CNA</router-link>), and enriched by
-                            Authorized Data Publishers (<router-link to='/About/Glossary?activeTerm=glossaryADP'>ADPs</router-link>).
+                            Authorized Data Publishers (ADPs).
                             This data is provided in multiple human and machine-readable formats.
                           </p>
                           <p>Each CVE Record includes the following:</p>
diff --git a/src/views/PartnerInformation/Partner.vue b/src/views/PartnerInformation/Partner.vue
@@ -10,7 +10,7 @@
               about the roles of organizations participating as <a href='/About/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a>
               associated with a CVE ID, provided by a <a href='/About/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a>,
               <a href='/About/Glossary?activeTerm=glossaryRoot'>Root CNAs</a>, and
-              <a href='/About/Glossary?activeTerm=glossaryADP'>Authorized Data Publishers (ADPs)</a>.
+              Authorized Data Publishers (ADPs).
             </p>
 
             <div class="content pt-4 is-hidden-desktop">

Original file line number	Diff line number	Diff line change
`@@ -166,7 +166,7 @@`
`166`	`166`	`"questionId": "what_is_cve_record",`
`167`	`167`	`"questionText": "What is a CVE Record",`
`168`	`168`	`"questionResponseParagraphs": [`
`169`		`- "A CVE Record is the descriptive data about a <a href='/About/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a> associated with a CVE ID, provided by a <a href='/About/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a>, and enriched by <a href='/About/Glossary?activeTerm=glossaryADP'>Authorized Data Publishers (ADPs)</a>. This data is provided in multiple human and machine-readable formats.",`
	`169`	`+ "A CVE Record is the descriptive data about a <a href='/About/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a> associated with a CVE ID, provided by a <a href='/About/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a>, and enriched by Authorized Data Publishers (ADPs). This data is provided in multiple human and machine-readable formats.",`
`170`	`170`	`"See <a href='/About/Process#CVE_Records'>CVE Process</a> for additional information."`
`171`	`171`	`]`
`172`	`172`	`},`
Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,5 @@`
`1`	`1`	`[`
`2`		`- {`
`3`		`- "id": "glossaryADP",`
`4`		`- "term": "Authorized Data Publisher (ADP)",`
`5`		`- "definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> to enrich a <span class='cve-term-reference'>CVE Record</span> previously published by a CNA with additional, related information (e.g., risk scores, affected product lists, and versions [i.e., references, translations]) within a defined Scope."`
`6`		`- },`
	`2`	`+`
`7`	`3`	`{`
`8`	`4`	`"id": "glossaryCVE",`
`9`	`5`	`"term": "CVE",`
`@@ -16,7 +12,7 @@`
`16`	`12`	`},`
`17`	`13`	`{`
`18`	`14`	`"id": "glossaryCVEID",`
`19`		`- "term": "CVE ID",`
	`15`	`+ "term": "CVE Identifier (CVE ID)",`
`20`	`16`	`"definition": "A unique, alphanumeric identifier assigned by the <span class='cve-term-reference'>CVE Program</span>. Each identifier references a specific vulnerability. A CVE ID enables automation and multiple parties to discuss, share, and correlate information about a specific vulnerability, knowing they are referring to the same thing."`
`21`	`17`	`},`
`22`	`18`	`{`
`@@ -37,12 +33,12 @@`
`37`	`33`	`{`
`38`	`34`	`"id": "glossaryProgram",`
`39`	`35`	`"term": "CVE Program",`
`40`		`- "definition": "An international, community-driven effort to catalog <span class='cve-term-reference'>Vulnerabilities</span> in accordance with the effort’s rules and guidelines."`
	`36`	`+ "definition": "An international, community-driven effort to catalog <span class='cve-term-reference'>vulnerabilities</span> in accordance with the effort’s rules and guidelines."`
`41`	`37`	`},`
`42`	`38`	`{`
`43`	`39`	`"id": "glossaryRecord",`
`44`	`40`	`"term": "CVE Record",`
`45`		- "definition": "The descriptive data about a <span class='cve-term-reference'>Vulnerability</span> associated with a <span class='cve-term-reference'>CVE ID</span>, provided by a <span class='cve-term-reference'>CNA</span>, and enriched by <span class='cve-term-reference'>ADPs</span>. This data is provided in multiple human and machine-readable formats. <p>A CVE Record is associated with one of the following states:</p><ul class='cve-term-definition-list'><li><span class='cve-term-reference'>Reserved</span>: The initial state for a CVE Record; when the associated CVE ID is Reserved by a CNA.</li><li><span class='cve-term-reference'>Published</span>: When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published. The associated data must contain an identification number (CVE ID), a prose description, and at least one public reference.</li><li><span class='cve-term-reference'>Rejected</span>: If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.</li></ul><p>See also:</p><ul class='cve-term-definition-list'><li>The full requirements for a CVE Record can be found in Section 8.1. CVE Entry Information Requirements of the CNA Rules document. Data elements within a CVE Record are defined in Section 7. Assignment Rules of the CNA Rules document.</li><li>See Section 8.3 Reference Requirements of the CNA Rules for the requirements for the <span class='cve-term-reference'>CVE Program</span> to consider a CVE ID public.</li></ul>"
	`41`	+ "definition": "The descriptive data about a <span class='cve-term-reference'>Vulnerability</span> associated with a <span class='cve-term-reference'>CVE ID</span>, provided by a <span class='cve-term-reference'>CNA</span>. This data is provided in multiple human and machine-readable formats. <p>A CVE Record is associated with one of the following states:</p><ul class='cve-term-definition-list'><li><span class='cve-term-reference'>Reserved</span>: The initial state for a CVE Record; when the associated CVE ID is Reserved by a CNA.</li><li><span class='cve-term-reference'>Published</span>: When a CNA populates the data associated with a CVE ID as a CVE Record, the state of the CVE Record is Published. The associated data must contain an identification number (CVE ID), a prose description, and at least one public reference.</li><li><span class='cve-term-reference'>Rejected</span>: If the CVE ID and associated CVE Record should no longer be used, the CVE Record is placed in the Rejected state. A Rejected CVE Record remains on the CVE List so that users can know when it is invalid.</li></ul><p>See also:</p><ul class='cve-term-definition-list'><li>The full requirements for a CVE Record can be found in <a href='/ResourcesSupport/AllResources/CNARules#section_8-1_cve_entry_information_requirements'> Section 8.1. CVE Record Information Requirements of the CNA Rules</a> document. Data elements within a CVE Record are defined in <a href ='/ResourcesSupport/AllResources/CNARules#section_7_assignment_rules'> Section 7. Assignment Rules </a> of the CNA Rules document.</li><li>See <a href ='/ResourcesSupport/AllResources/CNARules#section_8-3_cve_entry_reference_requirements'> Section 8.3 Reference Requirements</a> of the CNA Rules for the requirements for the <span class='cve-term-reference'>CVE Program</span> to consider a CVE ID public.</li></ul>"
`46`	`42`	`},`
`47`	`43`	`{`
`48`	`44`	`"id": "glossaryWG",`
`@@ -56,8 +52,8 @@`
`56`	`52`	`},`
`57`	`53`	`{`
`58`	`54`	`"id": "glossaryRoot",`
`59`		`- "term": "Root CNA",`
`60`		`- "definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> that is responsible, within a specific Scope, for the recruitment, training, and governance of one or more entities that are a CVE <span class='cve-term-reference'>CNA</span>, <span class='cve-term-reference'>CNA-LR</span>, an <span class='cve-term-reference'>ADP</span>, or another Root CNA."`
	`55`	`+ "term": "Root",`
	`56`	`+ "definition": "An organization authorized within the <span class='cve-term-reference'>CVE Program</span> that is responsible, within a specific Scope, for the recruitment, training, and governance of one or more entities that are a <span class='cve-term-reference'>CNA</span>, <span class='cve-term-reference'>CNA-LR</span>, or another Root."`
`61`	`57`	`},`
`62`	`58`	`{`
`63`	`59`	`"id": "glossaryScope",`
`@@ -71,8 +67,8 @@`
`71`	`67`	`},`
`72`	`68`	`{`
`73`	`69`	`"id": "glossaryTLRCNA",`
`74`		`- "term": "Top-Level Root CNA (TLR-CNA)",`
`75`		`- "definition": "A <span class='cve-term-reference'>Root CNA</span> that does not report to another Root CNA, and is thus responsible to the <span class='cve-term-reference'>CVE Board</span>."`
	`70`	`+ "term": "Top-Level Root (TL-Root)",`
	`71`	`+ "definition": "A <span class='cve-term-reference'>Root</span> that does not report to another Root, and is thus responsible to the <span class='cve-term-reference'>CVE Board</span>."`
`76`	`72`	`},`
`77`	`73`	`{`
`78`	`74`	`"id": "glossaryVulnerability",`