adjust spacing

Signed-off-by: Nick Boldt <[email protected]>

Author: nickboldt

modules/release-notes/single-source-fixed-security-issues.sh

@@ -28,20 +28,18 @@ single_source_from_security_data () {
     echo "ERROR: The ${list} file is missing. You must create it to proceed. For a given version, can collect the list of CVEs from a JIRA query like https://issues.redhat.com/issues/?jql=labels%3DSecurityTracking+and+project%3DRHIDP+and+fixversion%3D1.3.1 or list of Erratas from https://errata.devel.redhat.com/advisory/filters/4213"
     exit 1
   fi
-  echo "= ${title}" > "$destination"
+  echo -e "= ${title}" > "$destination"
   while IFS="" read -r cve || [ -n "$cve" ]; do
     if [[ ${cve} != "#"* ]] && [[ $cve != "" ]]; then # skip commented and blank lines
       # Start the list.
-      echo "link:https://access.redhat.com/security/cve/$cve[$cve]::" >> "$destination"
+      echo -e "\nlink:https://access.redhat.com/security/cve/$cve[$cve]::" >> "$destination"
       # Call the API to return a list of details.
       # Red Hat is last if there is one.
       # Red Hat details is single line.
       # MITRE details are multiline.
       # We keep Red Hat details if present.
       # We keep only the first two lines on MITRE details.
       curl -s "https://access.redhat.com/hydra/rest/securitydata/cve/$cve.json" | jq -r '.details[-1]' | head -n 2 >> "$destination"
-      # Add a separation
-      echo "" >> "$destination"
   fi
   done < "$list"
   echo "include::${destination##*release-notes/}[leveloffset=+2]"

modules/release-notes/snip-fixed-security-issues-in-product-1.2.5.adoc

@@ -1,4 +1,5 @@
 = {product} dependency updates
+
 link:https://access.redhat.com/security/cve/CVE-2024-21529[CVE-2024-21529]::
 A flaw was found in the dset package. Affected versions of this package are vulnerable to Prototype Pollution via the dset function due to improper user input sanitization. This vulnerability allows the attacker to inject a malicious object property using the built-in Object property __proto__, which is recursively assigned to all the objects in the program.
 
@@ -10,4 +11,3 @@ A flaw was found in Go. The net/http module mishandles specific server responses
 
 link:https://access.redhat.com/security/cve/CVE-2024-39249[CVE-2024-39249]::
 A flaw was found in the async Node.js package. A Regular expression Denial of Service (ReDoS) attack can potentially be triggered via the autoinject function while parsing specially crafted input.
-

modules/release-notes/snip-fixed-security-issues-in-rpm-1.2.5.adoc

@@ -1,4 +1,5 @@
 = RHEL 9 platform RPM updates
+
 link:https://access.redhat.com/security/cve/CVE-2024-37371[CVE-2024-37371]::
 A vulnerability was found in Kerberos. This flaw is due to an issue with message token handling.
 
@@ -22,4 +23,3 @@ A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c.
 
 link:https://access.redhat.com/security/cve/CVE-2024-6119[CVE-2024-6119]::
 A flaw was found in OpenSSL. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process.
-