Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add VDT does not report updated vulnerable packages as Solved IT #4359

Closed
wants to merge 15 commits into from

Conversation

Deblintrake09
Copy link
Contributor

@Deblintrake09 Deblintrake09 commented Jul 24, 2023

Related issue
#4045

Description

This Issue aims to add IT support to verify when a package is vulnerable to a CVE and updated to a version that is still vulnerable, there is no alert showing the vulnerability as solved

Added

  • Test module test_scan_updated_package_still_vulnerable.py

Testing performed

Tester Test path Jenkins Local OS Commit Notes
@Deblintrake09 (Developer) test_vulnerability_detector 🟢🟢🟢 ⚫⚫⚫ Centos manager 8a2002d Nothing to highlight
@user (Reviewer) ⚫⚫⚫ 🚫 🚫 🚫 Nothing to highlight

Deblintrake09 and others added 12 commits July 4, 2023 09:15
Add FIM Registry Wildcards IT support
* feat(#4281): New invalid decoder test case for wazuh-logtest

* fix(#4281): Fix invalid_decoder_syntax.yaml file line lengths

* feat(#4325): upgrade pyyaml to 6.0.1

* feat: bump version 4.5.2

* refactor(#4344): Add space to version json

* feat(#4344): add Release section

---------

Co-authored-by: Vikman Fernandez-Castro <vmfdez90@gmail.com>
Co-authored-by: Victor M. Fernandez-Castro <victor@wazuh.com>
Co-authored-by: jnasselle <jnasselle@gmail.com>
Co-authored-by: Julia <juliamgnr@gmail.com>
Co-authored-by: Julia Magán <80041853+juliamagan@users.noreply.github.com>
Co-authored-by: David Jose Iglesias Lopez <davidj.iglesias@wazuh.com>
Co-authored-by: Víctor Rebollo Pérez <victorrebollop@gmail.com>
* fix(#4356): fix configuration_templates path

* docs(#4356): update test wazuh_min_version
@Deblintrake09 Deblintrake09 changed the title 4045 vdt package updated still vulnerable Add VDT does not report updated vulnerable packages as Solved IT Jul 24, 2023
@Deblintrake09 Deblintrake09 self-assigned this Jul 24, 2023
@Deblintrake09 Deblintrake09 changed the base branch from 4.6.0 to 4.7.0 August 3, 2023 12:39
@Deblintrake09
Copy link
Contributor Author

Closing as this will be handled in #4389

@Deblintrake09 Deblintrake09 deleted the 4045-vdt-package-updated-still-vulnerable branch August 3, 2023 13:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants