Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add VDT IT support: updated vulnerable package not reported as solved #4389

Merged
merged 6 commits into from
Aug 11, 2023

Conversation

Deblintrake09
Copy link
Contributor

@Deblintrake09 Deblintrake09 commented Aug 3, 2023

Related issue
#4045

Description

This Issue aims to add IT support to verify when a package is vulnerable to a CVE and updated to a version that is still vulnerable, there is no alert showing the vulnerability as solved

Added

  • Test module test_scan_updated_package_still_vulnerable.py

Testing performed

Tester Test path Jenkins Local OS Commit Notes
@Deblintrake09 (Developer) test_vulnerability_detector 🟢🟢🟢 ⚫⚫⚫ Centos manager 93d5702 Nothing to highlight
@user (Reviewer) ⚫⚫⚫ 🚫 🚫 🚫 Nothing to highlight

Copy link
Contributor

@mauromalara mauromalara left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great Job! 👏🏻

🗒️ Only a few changes are required.
⚠️ Please, run the tests in Jenkins with the updated branch after applying said changes.

Copy link
Contributor

@mauromalara mauromalara left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 🚀

@BelenValdivia
Copy link
Contributor

LGTM!

@Rebits Rebits merged commit cfd85dc into 4.7.0 Aug 11, 2023
@Rebits Rebits deleted the 4045-vdt-package-still-vuln branch August 11, 2023 10:40
@Deblintrake09
Copy link
Contributor Author

This development has already been merged into Master, new target. So no new PR needed.

Merged in ea84bee

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add VDT does not report updated vulnerable packages as Solved IT support
4 participants