
Consider remediations for packages' vulnerabilities scan #23225

Merged


@pereyra-m (Member) commented May 3, 2024

Related issue
Closes #23066

Description

This PR solves two different situations:

  • The Windows packages that have hotfixes report false positives
  • The insertion of a hotfix solves a package vulnerability

It was required to create a new cache with the agents' hotfixes and to store all the CVEs that affect a hotfix in a new DB column.

Logs/Alerts example

The vulnerability shown in the issue isn't being reported because the versions don't match.
After inserting a temporary candidate with the version 16.0.4266.1001

./src/build/wazuh_modules/vulnerability_scanner/testtool/rocksDBQuery/rocks_db_query_testtool \
  -d /var/ossec/queue/vd/feed/ \
  -f /workspaces/wazuh/src/wazuh_modules/vulnerability_scanner/schemas/vulnerabilityCandidate.fbs \
  -c nvd -k office_CVE-2024-21413 \
  -v '{
    "candidates": [
      {
        "cveId": "CVE-2024-21413",
        "defaultStatus": "unaffected",
        "versions": [
          { "version": "2016" },
          { "version": "2019" },
          { "version": "16.0.4266.1001" }
        ],
        "vendor": "microsoft"
      }
    ]
  }'

The vulnerability is found


2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:353 at vendorVerify(): DEBUG: Vendor match for Package: office, Version: 16.0.4266.1001, CVE: CVE-2024-21413, Vendor: microsoft
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:386 at versionMatch(): DEBUG: Scanning package - 'office' (Installed Version: 16.0.4266.1001, Security Vulnerability: CVE-2024-21413). Identified vulnerability: Version: 2016. Required Version Threshold: . Required Version Threshold (or Equal): .
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:386 at versionMatch(): DEBUG: Scanning package - 'office' (Installed Version: 16.0.4266.1001, Security Vulnerability: CVE-2024-21413). Identified vulnerability: Version: 2019. Required Version Threshold: . Required Version Threshold (or Equal): .
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:386 at versionMatch(): DEBUG: Scanning package - 'office' (Installed Version: 16.0.4266.1001, Security Vulnerability: CVE-2024-21413). Identified vulnerability: Version: 16.0.4266.1001. Required Version Threshold: . Required Version Threshold (or Equal): .
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:406 at versionMatch(): DEBUG: Match found, the package 'office', is vulnerable to 'CVE-2024-21413'. Current version: '16.0.4266.1001' is equal to '16.0.4266.1001'. - Agent 'DESKTOP-EQ4F57D' (ID: '001', Version: 'v4.7.4').
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:583 at packageHotfixSolved(): DEBUG: No remediation for package 'office' on agent '001' that solves CVE 'CVE-2024-21413' has been found.
2024/05/03 04:02:57 wazuh-modulesd:vulnerability-scanner[164578] packageScanner.hpp:705 at handleRequest(): DEBUG: Vulnerability scan for package 'Microsoft Office Professional Plus 2016' on Agent '001' has completed.

If we repeat the scan after installing a hotfix that solves the CVE, the package isn't reported as vulnerable


2024/05/03 14:53:38 wazuh-modulesd:vulnerability-scanner[19994] packageScanner.hpp:387 at versionMatch(): DEBUG: Scanning package - 'office' (Installed Version: 16.0.4266.1001, Security Vulnerability: CVE-2024-21413). Identified vulnerability: Version: 16.0.4266.1001. Required Version Threshold: . Required Version Threshold (or Equal): .
2024/05/03 14:53:38 wazuh-modulesd:vulnerability-scanner[19994] packageScanner.hpp:407 at versionMatch(): DEBUG: Match found, the package 'office', is vulnerable to 'CVE-2024-21413'. Current version: '16.0.4266.1001' is equal to '16.0.4266.1001'. - Agent 'DESKTOP-EQ4F57D' (ID: '001', Version: 'v4.7.4').
2024/05/03 14:53:38 wazuh-modulesd:vulnerability-scanner[19994] packageScanner.hpp:571 at packageHotfixSolved(): DEBUG: Remediation 'KB5002537' for package 'office' on agent '001' that solves CVE 'CVE-2024-21413' has been found.
2024/05/03 14:53:38 wazuh-modulesd:vulnerability-scanner[19994] packageScanner.hpp:706 at handleRequest(): DEBUG: Vulnerability scan for package 'Microsoft Office Professional Plus 2016' on Agent '001' has completed.

If we now run the scan without the hotfix and then install it, we get the vulnerability-solved alert

WIP

Tests

  • Compilation without warnings in every supported platform
    • Linux
  • Source installation
  • Review logs syntax and correct language
  • Added unit tests (for new features)

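The following is an added example, not Wazuh project code, that models the two remediation paths the PR describes: suppressing a version match when the agent already has a hotfix that fixes the CVE, and, when a hotfix is inserted, finding the active inventory entries it closes. The type names, the feed layout (hotfix to set of CVEs, standing in for the new DB column), the row parser for the `scan_id|scan_time|hotfix|checksum` dump format and the sample inputs are all assumptions; the KB and CVE identifiers are the ones that appear in the PR logs.

```cpp
// Added example, not Wazuh project code: a minimal model of the two
// remediation paths the PR describes. Type names, feed layout and sample
// data are assumptions; the KB and CVE IDs mirror the PR logs.
#include <iostream>
#include <map>
#include <optional>
#include <set>
#include <sstream>
#include <string>
#include <vector>

// One row of the agent DB hotfix dump quoted in the testing notes:
//   scan_id|scan_time|hotfix|checksum
struct HotfixRow {
    std::string scanTime;
    std::string hotfix;
    std::string checksum;
};

// Parses one dump line. Malformed rows yield std::nullopt so they never
// enter the cache (a bogus "hotfix" could otherwise suppress real findings).
std::optional<HotfixRow> parseHotfixRow(const std::string& line) {
    std::vector<std::string> f;
    std::stringstream ss(line);
    std::string item;
    while (std::getline(ss, item, '|')) f.push_back(item);
    if (f.size() != 4 || f[2].rfind("KB", 0) != 0) return std::nullopt;
    return HotfixRow{f[1], f[2], f[3]};
}

// Remediation feed: hotfix -> CVEs it fixes (the per-hotfix CVE column).
using RemediationFeed = std::map<std::string, std::set<std::string>>;
// Hotfix cache: agent id -> hotfixes installed on that agent.
using HotfixCache = std::map<std::string, std::set<std::string>>;

// Loads an agent's dump rows into the cache, skipping malformed lines.
void loadAgentHotfixes(HotfixCache& cache, const std::string& agentId,
                       const std::vector<std::string>& dump) {
    for (const auto& line : dump)
        if (auto row = parseHotfixRow(line)) cache[agentId].insert(row->hotfix);
}

// Path 1: the package version already matched the CVE. Returns the installed
// hotfix that remediates it, or std::nullopt (the finding is then reported).
std::optional<std::string> packageHotfixSolved(const HotfixCache& cache,
                                               const RemediationFeed& feed,
                                               const std::string& agentId,
                                               const std::string& cve) {
    auto agent = cache.find(agentId);
    if (agent == cache.end()) return std::nullopt;
    for (const auto& kb : agent->second) {
        auto fix = feed.find(kb);
        if (fix != feed.end() && fix->second.count(cve)) return kb;
    }
    return std::nullopt;
}

// Path 2: a hotfix was just inserted for an agent. Given the active inventory
// keys "<agent>_<package hash>_<CVE>", returns the entries it remediates.
std::vector<std::string> cvesSolvedByHotfix(const RemediationFeed& feed,
                                            const std::string& agentId,
                                            const std::string& hotfix,
                                            const std::vector<std::string>& inventory) {
    std::vector<std::string> solved;
    auto fix = feed.find(hotfix);
    if (fix == feed.end()) return solved;  // unknown hotfix: nothing to close
    for (const auto& key : inventory) {
        auto first = key.find('_');
        auto last = key.rfind('_');
        if (first == std::string::npos || last == first) continue;
        if (key.substr(0, first) == agentId && fix->second.count(key.substr(last + 1)))
            solved.push_back(key);
    }
    return solved;
}

// Constructed sample data (IDs copied from the PR logs, not a live feed).
RemediationFeed sampleFeed() { return {{"KB5002467", {"CVE-2024-21413"}}}; }
std::vector<std::string> sampleDump() {
    return {"0|2024/05/10 13:58:43|KB5034765|783910a4b666a6dc8aa38b967909c0f9c653ebf5",
            "0|2024/05/10 14:31:21|KB5002467|458904c3a67b0e784f288758142fc60b35315220",
            "malformed row"};
}
std::vector<std::string> sampleInventory() {
    return {"002_0011be200caf61ef8d0d0477e4e8f328c2c016ae_CVE-2024-21413",
            "002_094055ceb0e2e63b0ecfcbb41a66541a1b1ca083_CVE-2024-21413",
            "001_0011be200caf61ef8d0d0477e4e8f328c2c016ae_CVE-2024-21413",  // other agent
            "002_0011be200caf61ef8d0d0477e4e8f328c2c016ae_CVE-0000-0000"}; // placeholder CVE, not fixed by this KB
}

int main() {
    HotfixCache cache;
    loadAgentHotfixes(cache, "002", sampleDump());
    std::cout << "agent 002 remediated by: "
              << packageHotfixSolved(cache, sampleFeed(), "002", "CVE-2024-21413").value_or("none") << "\n";
    for (const auto& key : cvesSolvedByHotfix(sampleFeed(), "002", "KB5002467", sampleInventory()))
        std::cout << "solved: " << key << "\n";
    return 0;
}
```

The check in path 1 runs only after the vendor and version match have already succeeded, which is the order the DEBUG log lines in the PR show (`vendorVerify`, `versionMatch`, then `packageHotfixSolved`); path 2 is keyed on the inventory entry's agent prefix so that a hotfix on one agent never closes findings on another.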
@sebasfalcone sebasfalcone linked an issue May 3, 2024 that may be closed by this pull request
@sebasfalcone sebasfalcone force-pushed the fix/23066-packages-vulnerability-remediations-does-not-work branch 5 times, most recently from 731b0cf to c1a7027 Compare May 3, 2024 18:09
@MiguelazoDS MiguelazoDS force-pushed the fix/23066-packages-vulnerability-remediations-does-not-work branch from 621ded8 to 4cfad82 Compare May 4, 2024 14:25
@sebasfalcone sebasfalcone force-pushed the fix/23066-packages-vulnerability-remediations-does-not-work branch 3 times, most recently from 4f06218 to 3b1aca4 Compare May 8, 2024 17:49
@sebasfalcone sebasfalcone marked this pull request as ready for review May 9, 2024 18:08
@MiguelazoDS (Member) commented May 9, 2024

Testing 🔴

Environment

  • Manager Ubuntu Jammy
  • Agent Centos9
  • Agent Windows 11

Scan by events

  • Total vulnerabilities found

vulnerabilities.json
ossec.log.tar.gz

Warning
Even though the logs are at the debug level, the file increases considerably.


78 vulnerabilities for Ubuntu Jammy
2139 vulnerabilities for Centos 9
177 vulnerabilities for Windows 11

Warning
All vulnerabilities have the "Packages" category


  • 100 vulnerabilities are related to Office


  • Hotfixes
0|2024/05/09 15:38:30|KB2468871|8f99821b9e79bc2258cb56cd14cfcaf9bbeda8e5
0|2024/05/09 15:38:30|KB2478063|8511235ae3ab3b642d8ba429599092634fdde3a8
0|2024/05/09 15:38:30|KB2533523|b8c4cb9a2aeb6a64269e88f6116765420a65cd80
0|2024/05/09 15:38:30|KB2544514|8e468309f00c0f31b8a0f12a6a79d2658652e9e9
0|2024/05/09 15:38:30|KB2600211|cb13c01ba11045aabbb074fc3e61b0a3b2d88dd4
0|2024/05/09 15:38:30|KB2600217|8253af775746f8545784d27edb852281c9a06955
0|2024/05/09 15:38:30|KB5027397|6aa52f220a9aebb1004ed2c308b594e5b0b463d5
0|2024/05/09 15:38:31|KB5033055|854cea78b398263b458d45dce82d0933492101fb
0|2024/05/09 15:38:31|KB5033204|2fb8a48c29e02391dbdef7ae5ee0140cf472e332
0|2024/05/09 15:38:31|KB5034467|928dcc74c96a7e988c4949519077bcd1930c391f
0|2024/05/09 15:38:31|KB5034765|783910a4b666a6dc8aa38b967909c0f9c653ebf5

Scan after installing new KB

0|2024/05/09 15:38:30|KB2468871|8f99821b9e79bc2258cb56cd14cfcaf9bbeda8e5
0|2024/05/09 15:38:30|KB2478063|8511235ae3ab3b642d8ba429599092634fdde3a8
0|2024/05/09 15:38:30|KB2533523|b8c4cb9a2aeb6a64269e88f6116765420a65cd80
0|2024/05/09 15:38:30|KB2544514|8e468309f00c0f31b8a0f12a6a79d2658652e9e9
0|2024/05/09 15:38:30|KB2600211|cb13c01ba11045aabbb074fc3e61b0a3b2d88dd4
0|2024/05/09 15:38:30|KB2600217|8253af775746f8545784d27edb852281c9a06955
0|2024/05/09 15:38:30|KB5027397|6aa52f220a9aebb1004ed2c308b594e5b0b463d5
0|2024/05/09 15:38:31|KB5033055|854cea78b398263b458d45dce82d0933492101fb
0|2024/05/09 15:38:31|KB5033204|2fb8a48c29e02391dbdef7ae5ee0140cf472e332
0|2024/05/09 15:38:31|KB5034467|928dcc74c96a7e988c4949519077bcd1930c391f
0|2024/05/09 15:38:31|KB5034765|783910a4b666a6dc8aa38b967909c0f9c653ebf5
0|2024/05/09 17:58:43|KB5002467|458904c3a67b0e784f288758142fc60b35315220

The last KB listed is the one installed to solve the Office vulnerability related to CVE-2023-21413

Important

There are no changes in the vulnerabilities detected. During research with @sebasfalcone and @pereyra-m we found that the root cause is the missing hotfixes information in the database. (Database initialized in this branch)

Update 05/10/24

Database information

  • Hotfixes table is now available (content updated)


  • Candidates updated


Scan by events

Disparity found between indexed vulnerabilities and log messages.

Warning

There's a strange mismatch between the indexed vulnerabilities and the logs reporting a vulnerability has been found.
Evidence is attached here for further analysis.


Vulnerabilities overview

  • KB installation

  • Hotfixes

0|2024/05/10 13:58:43|KB2468871|8f99821b9e79bc2258cb56cd14cfcaf9bbeda8e5
0|2024/05/10 13:58:43|KB2478063|8511235ae3ab3b642d8ba429599092634fdde3a8
0|2024/05/10 13:58:43|KB2533523|b8c4cb9a2aeb6a64269e88f6116765420a65cd80
0|2024/05/10 13:58:43|KB2544514|8e468309f00c0f31b8a0f12a6a79d2658652e9e9
0|2024/05/10 13:58:43|KB2600211|cb13c01ba11045aabbb074fc3e61b0a3b2d88dd4
0|2024/05/10 13:58:44|KB2600217|8253af775746f8545784d27edb852281c9a06955
0|2024/05/10 13:58:44|KB5027397|6aa52f220a9aebb1004ed2c308b594e5b0b463d5
0|2024/05/10 13:58:44|KB5033055|854cea78b398263b458d45dce82d0933492101fb
0|2024/05/10 13:58:44|KB5033204|2fb8a48c29e02391dbdef7ae5ee0140cf472e332
0|2024/05/10 13:58:44|KB5034467|928dcc74c96a7e988c4949519077bcd1930c391f
0|2024/05/10 13:58:44|KB5034765|783910a4b666a6dc8aa38b967909c0f9c653ebf5

77 vulnerabilities for Ubuntu Jammy
2139 vulnerabilities for Centos 9
178 vulnerabilities for Windows 11

100 out of 178 are office vulnerabilities

The CVEs related to office are the following

Scan after installing new KB (Syscollector sync forced)

  • Hotfixes (the last entry, KB5002467, is the one installed to fix the vulnerability)
0|2024/05/10 13:58:43|KB2468871|8f99821b9e79bc2258cb56cd14cfcaf9bbeda8e5
0|2024/05/10 13:58:43|KB2478063|8511235ae3ab3b642d8ba429599092634fdde3a8
0|2024/05/10 13:58:43|KB2533523|b8c4cb9a2aeb6a64269e88f6116765420a65cd80
0|2024/05/10 13:58:43|KB2544514|8e468309f00c0f31b8a0f12a6a79d2658652e9e9
0|2024/05/10 13:58:43|KB2600211|cb13c01ba11045aabbb074fc3e61b0a3b2d88dd4
0|2024/05/10 13:58:44|KB2600217|8253af775746f8545784d27edb852281c9a06955
0|2024/05/10 13:58:44|KB5027397|6aa52f220a9aebb1004ed2c308b594e5b0b463d5
0|2024/05/10 13:58:44|KB5033055|854cea78b398263b458d45dce82d0933492101fb
0|2024/05/10 13:58:44|KB5033204|2fb8a48c29e02391dbdef7ae5ee0140cf472e332
0|2024/05/10 13:58:44|KB5034467|928dcc74c96a7e988c4949519077bcd1930c391f
0|2024/05/10 13:58:44|KB5034765|783910a4b666a6dc8aa38b967909c0f9c653ebf5
0|2024/05/10 14:31:21|KB5002467|458904c3a67b0e784f288758142fc60b35315220
2024/05/10 11:32:19 wazuh-modulesd:vulnerability-scanner[25244] packageScanner.hpp:571 at packageHotfixSolved(): DEBUG: Remediation 'KB5002467' for package 'office' on agent '002' that solves CVE 'CVE-2024-21413' has been found.

No alerts as expected

10 vulnerabilities have been fixed


alerts.json
ossec.log
vulnerabilities.json

Scan by events without Office package


Warning

We can still see a mismatch between indexed vulnerabilities and log messages


Warning

The number of vulnerabilities indexed is NOT the expected one (2384).

It's like it is still evaluating the Office package.

The package is not present in the database

There are no log messages referring to Office package

This behavior needs to be discussed with @sebasfalcone and @pereyra-m.

ossec.log.tar.gz
vulnerabilities.json

Vulnerabilities for a non-existent package are being indexed.

This wrong behavior was observed following these steps (brief description of the testing executed above):

  • Windows agent with Office package installed.
  • Vulnerability detector database with hotfixes_applications and candidates WA for CVE-2024-21413.
  • Start Syscollector sync
  • Several vulnerabilities are being detected (2394 initially) for all agents.
  • A KB5002467 was installed
  • Syscollector sync forced through an agent restart
  • 10 vulnerabilities related to Office have been fixed. 2384 vulnerabilities left.
  • Manager and agents stopped
  • Agent databases deleted, vulnerability detector index deleted, ossec.log cleared
  • Office package uninstalled.
  • New syscollector sync forced.
  • No Office logs, no office package in agent database, but the same number of vulnerabilities indexed 2384.

Important

The tests related to this implementation were successful: after installing the KB, the specific CVE affected was solved.
We can see here that under some uses the inventory is not cleaned properly, leading to vulnerabilities for non-installed
packages being indexed.

@sebasfalcone (Member) commented May 9, 2024

Test - Install a KB for a vulnerable package 🟢

  • Installed Office 2016

  • Installed KB to fix

2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_0011be200caf61ef8d0d0477e4e8f328c2c016ae_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_094055ceb0e2e63b0ecfcbb41a66541a1b1ca083_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_222ae3df7ad2779d4a42a9b02514089740cef63b_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_308b309694f41a18b3f99e1c8b05201eeafca00c_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_9a73b12da93578701cd1fab0b334407cf33d2dc0_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_9c5af1826923047935b52622447348b5b8160da4_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_aa43ca9f0c8b334c4f8270b0649dc05356bf9f7c_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_d9287b970add8f202e3f3e84012d6431ba79a471_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_e04aea6001b3db2555f84bae073b6e51a45636ff_CVE-2024-21413'.
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] cveSolvedInventorySync.hpp:72 at operator()(): DEBUG: CVE 'CVE-2024-21413' was remediated by hotfix 'KB5002467' for '002_efdf9aa5c8664cedd578be67fc58dd43119e2b30_CVE-2024-21413'.


2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] eventSendReport.hpp:89 at handleRequest(): DEBUG: Vulnerability report for agent ID 002, hotfix: KB5002467, cve: CVE-2024-21413


2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413
2024/05/09 17:36:00 wazuh-modulesd:vulnerability-scanner[245855] resultIndexer.hpp:56 at operator()(): DEBUG: Processing and publish key: CVE-2024-21413


@sebasfalcone (Member) commented May 9, 2024

Test - Install vulnerable package (KB already installed) 🟢

  • Initial status

  • Install Office 2016

  • CVE-2024-21413 was not detected, as it was fixed with the KB

@sebasfalcone sebasfalcone force-pushed the fix/23066-packages-vulnerability-remediations-does-not-work branch from 1591584 to 6fbca36 Compare May 10, 2024 13:07
@pereyra-m pereyra-m marked this pull request as draft May 10, 2024 13:57
@sebasfalcone sebasfalcone marked this pull request as ready for review May 10, 2024 17:56
MiguelazoDS previously approved these changes May 10, 2024

@MiguelazoDS (Member) left a comment:

GJ! functional testing succeeded.

MiguelazoDS previously approved these changes May 13, 2024
sebasfalcone previously approved these changes May 13, 2024

@Dwordcito (Member) left a comment:

Code looks good, minor things. I'm worried that we didn't add a single component qa test, this shouldn't be too difficult to test with the testing framework we use.

@Dwordcito (Member) commented May 14, 2024

please, rebase this PR.

sebasfalcone and others added 24 commits May 16, 2024 02:59
- Fixed doxygen
- Updating tests with new remediation cache
- Fixed clang format
- Fixed doxygen
- Fixed typo (missing .hpp extension)
- Updated UTs to extend coverage
- Updated UTs to extend coverage
- Added LCOV exclusion macro to closing braces (known bug)
- Extended UT to improve coverity
- Fixed failing UT
- Fix UT after rebase
- Add more logging for QA tests and fix hotfix answer
- Fixing style
- Aligned UTs with rebase changes
- Fixed class name
- Aligned with changes from #23358 after rebase
- Fix: socketDBWrapper socket path was hardcoded
- Aligned with changes on dbWrapper
- Updated UTs to align with changes on dbWrapper
- Fixed style
- Fixed UTs (wrong trampoline initialization)
- Removed helper methods from scanContext
- Reverted changes on resultIndexer
- Created new class arrayResultIndexer (with reverted changes)
- Updated UTs
- Restored changes on resultIndexer and updated UTs
- Added exception on bad type for arrayResultIndexer and updated UTs
@pereyra-m pereyra-m force-pushed the fix/23066-packages-vulnerability-remediations-does-not-work branch from ebfd812 to ca7d93a Compare May 16, 2024 03:04
@Dwordcito Dwordcito merged commit 06ffb25 into 4.8.0 May 16, 2024
88 of 90 checks passed
@Dwordcito Dwordcito deleted the fix/23066-packages-vulnerability-remediations-does-not-work branch May 16, 2024 04:39
Successfully merging this pull request may close these issues.

Packages vulnerability remediations do not work