Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

advance vulnerability urls #10136

Merged
merged 1 commit into from
May 8, 2024
Merged

advance vulnerability urls #10136

merged 1 commit into from
May 8, 2024

Conversation

manuel-sommer
Copy link
Contributor

https://access.redhat.com/articles/explaining_redhat_errata
--> Add RHBA and RHEA
--> Also FEDORA

@github-actions github-actions bot added the settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR label May 7, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented May 7, 2024

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Configured Codepaths Analyzer 0 findings
Sensitive Files Analyzer 0 findings
AppSec Analyzer 0 findings
Authn/Authz Analyzer 0 findings
Secrets Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Change Summary (click to expand)

The following is a summary of changes in this pull request made by me, your security buddy 🤖.
Note that this summary is auto-generated and not meant to be a definitive list of security issues
but rather a helpful summary from a security perspective.

Summary:

The changes in this pull request appear to be focused on updating the list of vulnerability URL prefixes in the DefectDojo application settings. Specifically, the pull request adds three new vulnerability URL prefixes: RHBA, RHEA, and FEDORA. These new prefixes will be used to generate links to vulnerability information for findings associated with these vulnerability types, which should enhance the user experience and provide more comprehensive vulnerability information.

From an application security perspective, this change is relatively minor and does not introduce any significant security concerns. The changes are limited to updating the application's settings, which is a reasonable and expected improvement to the functionality of the DefectDojo application.

Files Changed:

  • dojo/settings/settings.dist.py: This file contains the application settings for the DefectDojo application. The changes in this pull request add the following new vulnerability URL prefixes to the list:

Powered by DryRun Security

@Maffooch Maffooch merged commit b13823a into DefectDojo:bugfix May 8, 2024
122 checks passed
@manuel-sommer manuel-sommer deleted the advanceVULNERABILITY_URLs branch May 8, 2024 23:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grendel513 grendel513 grendel513 approved these changes

@cneill cneill cneill approved these changes

@Maffooch Maffooch Maffooch approved these changes

@blakeaowens blakeaowens blakeaowens approved these changes

Assignees
No one assigned
Labels
settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@manuel-sommer @grendel513 @cneill @Maffooch @blakeaowens