The weakness "CWE-1060 Excessive Number of Inefficient Server-Side Data Accesses" is duplicated. Appears in 7.2.10 and 7.2.19

Eliminate duplicate CWE

CWE 1060 appears twice in Section 7.2. Delete second occurance.

Revise definitions of 'detection pattern' and 'weakness', add definition for 'weakness pattern', and delete definition for 'software quality measure'.

Revise definitions in 4

Revise definitions of 'detection pattern' and 'weakness', add definition for 'weakness pattern', and delete definition for 'software quality measure'.

Add 'Purpose' subsection to introduce objective of section 6

Add 'Purpose' subsection to 6

Add 'Purpose' subsection to introduce section 6

Correct text to indicate that ISO 25023 contains a few code level measures.

Correct ISO 25023 misstatement

Text states ISO 25023 has no code level measures, but a few exist in 25023.

Structured Metrics Metamodel was not used in this spec. Refereces to it should be removed

Remove references to SMM

Remove references to SMM in 4 places

'Sanitize User Input used in Expression Language Statement' is missing from the list of detection patterns, it must be added.

Missing detection pattern

'Sanitize User Input used in Expression Language Statement' is missing from the list of detection patterns, it must be added.

Remove compliance sentence and add clarification of parent-child CWEs treated as QMEs.

Revise discussion of Quality Measure Element

Remove compliance sentence and add clarification of parent-child CWEs treated as QMEs.

Incorrect detection patterns were assigned to CWE-1075.

Wrong detection pattern for CWE-1075

Correct the detection pattern for CWE-1075 and remove old pattern from list of patterns.

Revise numbers of QMEs for each measure after recount.

Revise numbers of QMEs for each measure

Revise numbers of QMEs for each measure after recount.

To be consistent with ISO formatting, change blue to gray and indicate the new color in paragraphs introducing CWE lists;

Change blue to gray

To be consistent with ISO formatting, change blue to gray in tables and indicate the new color in paragraphs introducing CWE lists;

Add detection pattern section numbers from section 8 to all detection patterns listed in section 7 to make searching for detection patterns easier.

Add detection pattern section number to section 7.

Add detection pattern section numbers from section 8 to all detection patterns listed in section 7.

Change references about CISQ measures and weaknesses to ASCQM measures and weaknesses.

Update Annex D to ASCQM from CISQ

Change references about CISQ measures and weaknesses to ASCQM measures and weaknesses.

Limit section 9 to calculation of the base measure and move derived measures to the annexes.

Limit section 9 to base measure and move section 10 to annexes

Limit section 9 to calculation of the base measure and move derived measures to the annexes and move section 10 to annexes

Add 2 references, change title to 'Bibliography', and move to end

Add 2 references, change title to 'Bibliography', and move to end

Add 2 references, change title to 'Bibliography', and move to end

Create Annex C: Related Quality Measures

Create Annex C Related Quality Measures

Create Annex C Related Quality Measures

Update Annex B to describe all CISQ weaknesses now being CWEs and remove the paragraph on the Top 25 CWEs since this was for the old Security measure.

Update Annex B on CWE status

Update Annex B to describe all CISQ weaknesses now being CWEs and remove the paragraph on the Top 25 CWEs since this was for the old Security measure.

Add normative reference for ISO 19506 and make other edits to reference citations as necessary to increase accuracy.

Add normative reference for ISO 19506

Add normative reference for ISO 19506 and make other edits to reference citations as necessary to increase accuracy.

Conformance requires the verb 'shall' rather than 'must'

Change 'must' to 'shall' in Conformance section

Change 'must' to 'shall' in Conformance section