Find older versions and include them

Make 3.1 the current master.
Delete 3.0.2 as it will not be released.
Archive 3.0 artefacts
Archive 3.0.1 artefacts
Find all old 1.0 content and archive it
Find as much 2.0 content and archive it

Author: vanderaj

1.0/About_OWASP_ASVS_Executive_Presentation.ppt

@@ -0,0 +1,78 @@
+Top Cover:
+----------
+
+OWASP The Open Web Application Sécurity Project
+OWASP Projet Ouvert de Sécurité d'application Web
+
+OWASP Application Security Verification Standard 2009
+Standard OWASP de vérification de la sécurité d'application 2009
+
+- Web Application Standard
+- Standard d'application Web
+
+release
+version finale
+
+( if needed for versioning :
+
+  alpha
+  version alpha
+
+  beta
+  version beta
+)
+
+Creative Commons (CC) Attribution Share-Alike
+Creative Commons (CC) Attribution Partage à l'identique
+
+
+Bottom cover:
+-------------
+
+THE BELOW ICONS REPRESENT WHAT OTHER VERSIONS ARE AVAILABLE IN PRINT FOR THIS LITTLE BOOK.
+LES ICONES CI-DESSOUS REPRESENTENT LES DIFFERENTES VERSIONS DISPONIBLES POUR CE DOCUMENT.
+
+ALPHA: "Alpha Quality" book content is a working draft. Content is very rough and in development until the next level of publication.
+ALPHA : Une "version alpha" du document est une ébauche approximative, son contenu est en cours de développement jusqu'à la prochaine version publié.
+
+BETA: "Beta Quality" book content is the next highest level. Content is still in development until the next publishing.
+BETA : Une "version beta" du document est un niveau supérieur de qualité, son contenu en cours de développement jusqu'à la prochaine version publié.
+
+RELEASE: "Release Quality" book content is the highest level of quality in a books title's lifecycle, and is a final product.
+FINALE : Une "version finale" du document est le plus haut niveau de qualité de développement d'un document, c'est un produit fini.
+
+ALPHA PUBLISHED
+VERSION ALPHA
+
+BETA PUBLISHED
+VERSION BETA
+
+RELEASE PUBLISHED
+VERSION FINALE
+
+YOU ARE FREE:
+VOUS ETES LIBRE :
+
+to share - to copy, distribute and transmit the work
+de partager - copier, distribuer et transmettre le travail
+
+to remix - to adapt the work
+de modifier - adapter le travail
+
+UNDER THE FOLLOWING CONDITIONS:
+SOUS LES CONDITIONS SUIVANTES :
+
+Attribution. You must attribute the work in the manner specified by the author or licensor (but not in way that they endorse you or your use of the work).
+
+Share Alike. - If you alter, transform, or build upon this work, you may distribute the resulting work only under the same, similar or a compatible license.
+
+OWASP The Open Web Application Security Project
+OWASP Projet de sécurité des applications web
+
+The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security "visible", so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not for profit charitable organization that ensures the ongoing availability and support for our work.
+Le projet de sécurité des applications web (OWASP) est une communauté mondiale libre et ouverte, focalisée sur l'amélioration de la sécurité des applications logicielles. Notre mission est de rendre la sécurité des applications "visible", de sorte à ce que les gens et les organisations, puissent prendre des décisions éclairées à propos des risques de sécurité liés aux applications. Chacun est libre de participer au projet OWASP, et tous nos produits sont disponibles sous une licence logicielle libre et ouverte. La fondation OWASP organisation à but non lucratif qui assure la disponibilité continue de notre travail.
+
+
+On the cover: Braconid wasps, beetles, and aphids. After a female injects an egg into a host, the larva feeds slowly on that single host. By the time the host dies, the larva is fully grown. It pupates inside or near the dead host, sometimes in a sikken cocoon, to emerge later as an adult wasp. 
+Sur la couverture : guêpes parasites, scarabées, et pucerons. Après que la femelle injecte un oeuf dans un hôte, la larve s'alimente doucement depuis cet hôte. Avec le temps l'hôte meurt, la larve elle, est devenue grande. Elle se transforme alors en chrysalide dans ou à coté de son hôte, parfois dans un cocon, pour sortir plus tard en guêpe adulte.
+

1.0/OWASP_ASVS_Presentation_Abstract.doc

@@ -0,0 +1,55 @@
+<?xml version="1.0"?>
+
+<xsl:stylesheet version="1.0"
+	xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+	<xsl:variable name="level_from" select="1" />
+	<xsl:variable name="level_to" select="6" />
+
+	<xsl:template match="/">
+		<html>
+			<head>
+				<title>ASVS Checklist</title>
+			</head>
+			<body>
+				<h1>ASVS Checklist</h1>
+				<xsl:apply-templates select="asvs/category" />
+			</body>
+		</html>
+	</xsl:template>
+
+	<xsl:template match="category">
+		<h2>
+			<xsl:value-of select="name" />
+		</h2>
+		<table cellspacing="0" cellpadding="2" border="1">
+			<tr><th>#</th><th>Description</th><th>1A</th><th>1B</th><th>2A</th><th>2B</th><th>3</th><th>4</th></tr>
+			<xsl:apply-templates
+				select="item[include[@level&gt;=$level_from and @level&lt;=$level_to]='true']" />
+		</table>
+	</xsl:template>
+
+	<xsl:template match="item">
+		<tr>
+			<xsl:apply-templates select="description|include" />
+		</tr>
+	</xsl:template>
+
+	<xsl:template match="include">
+		<td width="10" align="center">
+			<xsl:if test="text()='true'">
+				x
+			</xsl:if>
+		</td>
+	</xsl:template>
+
+	<xsl:template match="description">
+		<td>
+			<xsl:value-of select="../@id" />
+		</td>
+		<td>
+			<xsl:value-of select="." />
+		</td>
+	</xsl:template>
+
+</xsl:stylesheet>

1.0/asvs-covers-fr-texts.txt

@@ -0,0 +1,100 @@
+<?xml version="1.0"?>
+
+<xsl:stylesheet version="1.0"
+	xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:table="urn:oasis:names:tc:opendocument:xmlns:table:1.0"
+	xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0">
+
+	<xsl:template match="/">
+		<xsl:processing-instruction name="xml-stylesheet">
+			href="asvs.xsl" type="text/xsl"
+		</xsl:processing-instruction>
+
+		<asvs>
+			<xsl:apply-templates select="//table:table[position()&lt;=14]"
+				mode="asvs" />
+		</asvs>
+	</xsl:template>
+
+	<xsl:template match="table:table" mode="asvs">
+		<category id="V{position()}">
+			<name>
+				<xsl:value-of select="preceding-sibling::text:p[position()=1]" />
+			</name>
+			<xsl:apply-templates select="table:table-row[position()&gt;1]"
+				mode="asvs" />
+		</category>
+	</xsl:template>
+
+	<xsl:template match="table:table" mode="html">
+		<h1>
+			<xsl:value-of select="preceding-sibling::text:p[position()=1]" />
+		</h1>
+		<table name="{@table:name}" border="1">
+			<xsl:apply-templates select="table:table-row"
+				mode="html" />
+		</table>
+	</xsl:template>
+
+	<xsl:template match="table:table-row" mode="asvs">
+		<item
+			id="V{count(parent::*/preceding-sibling::table:table)+1}.{position()}">
+			<xsl:apply-templates select="table:table-cell"
+				mode="asvs" />
+		</item>
+	</xsl:template>
+
+	<xsl:template match="table:table-row" mode="html">
+		<tr name="{position()}">
+			<xsl:apply-templates select="table:table-cell"
+				mode="html" />
+		</tr>
+	</xsl:template>
+
+	<xsl:template match="table:table-cell" mode="html">
+		<xsl:choose>
+			<xsl:when test="position()=1">
+				<td>
+					<xsl:value-of select="count(parent::*/preceding-sibling::*)-3" />
+				</td>
+				<td>
+					<xsl:value-of select=".//text:p/text()" />
+				</td>
+			</xsl:when>
+			<xsl:otherwise>
+				<td level="{position()}">
+					<xsl:choose>
+						<xsl:when test="text:p/text()='&#xF0FC;'">
+							x
+						</xsl:when>
+						<xsl:otherwise>
+							<xsl:value-of select="text:p/text()" />
+						</xsl:otherwise>
+					</xsl:choose>
+				</td>
+			</xsl:otherwise>
+		</xsl:choose>
+	</xsl:template>
+
+	<xsl:template match="table:table-cell" mode="asvs">
+		<xsl:choose>
+			<xsl:when test="position()=1">
+				<description>
+					<xsl:value-of select=".//text:p/text()" />
+				</description>
+			</xsl:when>
+			<xsl:otherwise>
+				<include level="{position()-1}">
+					<xsl:choose>
+						<xsl:when test="text:p/text()='&#xF0FC;'">
+							true
+						</xsl:when>
+						<xsl:otherwise>
+							<xsl:value-of select="text:p/text()" />
+						</xsl:otherwise>
+					</xsl:choose>
+				</include>
+			</xsl:otherwise>
+		</xsl:choose>
+	</xsl:template>
+
+</xsl:stylesheet>

1.0/asvs-pictures-pt-br.zip

@@ -0,0 +1,28 @@
+From: Pekka Sillanp�� [mailto:[email protected]] 
+Sent: Tuesday, December 01, 2009 11:05 AM
+To: Boberski, Michael [USA]
+Subject: Re: Owasp ASVS two versions
+
+
+Hello,
+
+
+Whoops, this took quite a while :) Yes, you may add Nixu to the list of ASVS users.
+
+
+Finally had some time to play with xslt:s to make the conversion. I might still improve the namespace a bit, but this basically does what we need. Do you have any additional ideas? Now it's just quick and dirty solution to fit into our needs.
+
+
+I attached few files. If you open the asvs.xml in a browser, you should see how it works. (at least FF does the xslt-conversion). Within the asvs.xsl file you can choose which levels should be included in the "checklist", so only the checks relevant to the specified level(s) are listed. (level_to and level_from params)
+
+
+To create asvs.xml from the ASVS document:
+
+
+1. Convert ASVSxxx.doc to ASVSxxx.odt in OpenOffice
+2. Unzip content.xml from ASVSxxx.odt
+3. xsltproc odt2asvs.xsl content.xml > asvs.xml
+
+
+Regards,
+Pekka