Merge "Updated CVSS v3.x"

doc/source/_includes/cve-maintenance-0eaf7f8697bc.rest

@@ -2,14 +2,3 @@
 .. begin-CVE
 .. end-CVE
 
-.. CentOS-begin
-.. CentOS-end
-
-.. CVE-visibility-begin
-.. CVE-visibility-end
-
-.. Debian-begin
-.. Debian-end
-
-.. CVE-visibility-1-begin
-.. CVE-visibility-1-end

doc/source/security/kubernetes/cve-maintenance-723cd9dd54b3.rst

@@ -4,9 +4,6 @@
 CVE Maintenance
 ===============
 
-On a monthly basis, the master development branch of |prod| is scanned for
-|CVE|'s and the reports that are generated are reviewed by the Security team.
-
 .. only:: partner
 
    .. include:: /_includes/cve-maintenance-0eaf7f8697bc.rest
@@ -15,27 +12,26 @@ On a monthly basis, the master development branch of |prod| is scanned for
 
 .. only:: starlingx
    
-   For |CVE|'s which meet StarlingX's ``CVE Fix Criteria Policy`` as documented
+   On a monthly basis, the master development branch of StarlingX is scanned
-   below, fixes are provided for the |CVE| in the StarlingX master branch.
+   for CVEs using the third party tool ``Vulscan`` to provide an unbiased view
+   of vulnerabilities. The generated reports are reviewed by the Security team.
+   For |CVE|'s which meet StarlingX's CVE Fix Criteria Policy as documented
+   below, fixes are provided in the StarlingX master branch.
 
-For Debian-based versions of |prod| |deb-release-ver|:
+   .. note::
       
-.. only:: partner
+      There are no scans executed or |CVE| fixes implemeneted on the released
+      versions / branches on StarlingX.
 
-   .. include:: /_includes/cve-maintenance-0eaf7f8697bc.rest
+   For the current Debian-based versions of StarlingX:
-      :start-after: Debian-begin
-      :end-before: Debian-end
    
--  The third party tool ``Vulscan`` is used to scan for |CVE|'s to provide an
+   -  |CVSS| v3.x base scores and base metrics are used in the |CVE| fix criteria
-   unbiased view of vulnerabilities
-
--  |CVSS| v3 base scores and base metrics are used in the |CVE| fix criteria
 
    -  The |CVE| ``Fix Criteria Policy`` is:
 
       -  Main Fix Criteria
 
-      -  |CVSS| v3 Base score >= 7.0
+         -  |CVSS| v3.x Base score >= 7.0
          -  Base Metrics has the following:
 
             -  Attack Vector: Network
@@ -47,22 +43,11 @@ For Debian-based versions of |prod| |deb-release-ver|:
 
       -  OR, visibility is HIGH and a correction is available upstream
 
-.. only:: partner
+   In the past, for older CentOS-based versions of StarlingX:
    
-   .. include:: /_includes/cve-maintenance-0eaf7f8697bc.rest
+   -  |CVSS| v2 base scores and base vectors were used in the |CVE| fix criteria
-      :start-after: CVE-visibility-1-begin
-      :end-before: CVE-visibility-1-end
    
-For older CentOS-based versions of |prod|:
+   -  The |CVE| ``Fix Criteria Policy`` was:
-
-.. only:: partner
-
-   .. include:: /_includes/cve-maintenance-0eaf7f8697bc.rest
-      :start-after: CentOS-begin
-      :end-before: CentOS-end
-
--  |CVSS| v2 base scores and base vectors are used in the |CVE| fix criteria
--  The |CVE| ``Fix Criteria Policy`` is:
 
       -  Main Fix Criteria
 
@@ -73,12 +58,7 @@ For older CentOS-based versions of |prod|:
             -  Access Complexity: Low
             -  Authentication: None or Single
             -  Availability Impact: Partial/Complete
-      -  A correction is available upstream
          
-   -  OR, visibility is HIGH and a correction is available upstream
+         -  A correction was available upstream
 
-.. only:: partner
+      -  OR, visibility was HIGH and a correction was available upstream
-
-   .. include:: /_includes/cve-maintenance-0eaf7f8697bc.rest
-      :start-after: CVE-visibility-begin
-      :end-before: CVE-visibility-end