Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New plugin to check for use of pyghmi #356

Closed
ericwb opened this issue Aug 6, 2018 · 0 comments · Fixed by #803
Closed

New plugin to check for use of pyghmi #356

ericwb opened this issue Aug 6, 2018 · 0 comments · Fixed by #803
Labels
enhancement New feature or request
Milestone
Release 1.7.3

Comments

@ericwb
Copy link
Member

ericwb commented Aug 6, 2018
edited
Loading

Is your feature request related to a problem? Please describe.
IPMI is known to be a non-secure protocol.

https://www.cisa.gov/uscert/ncas/alerts/TA13-207A

Describe the solution you'd like
New check plugin to detect use of pyghmi (python IPMI library).

Describe alternatives you've considered
N/A

Additional context
N/A
@ericwb ericwb added the enhancement New feature or request label Aug 6, 2018
@ericwb ericwb added the hacktoberfest https://hacktoberfest.digitalocean.com/ label Oct 1, 2018
@ericwb ericwb removed the hacktoberfest https://hacktoberfest.digitalocean.com/ label Oct 31, 2018
@ericwb ericwb added this to the Distant Future milestone May 9, 2019
@ericwb ericwb mentioned this issue Feb 4, 2022
Closed
ericwb pushed a commit that referenced this issue Feb 6, 2022
@stannum-l @ericwb
Add new plug-in to check pyghmi
8cf69d7 
This patch set adds a new bandit plugin to check the use of the
pyghmi library, as the IPMI is known to be an insecured protocol.

Closes: #356
Signed-off-by: Tin Lam <tin@irrational.io>
@ericwb ericwb mentioned this issue Feb 7, 2022
Merged
ericwb added a commit that referenced this issue Feb 7, 2022
@ericwb @stannum-l
Add new plugin to check use of pyghmi (#803)
d1622bf 
* Add new plugin to check use of pyghmi

This patch set adds a new bandit plugin to check the use of pyghmi.

Signed-off-by: Tin Lam <tin@irrational.io>

* Fix example and polish te code.

Signed-off-by: Tin Lam <tin@irrational.io>

* Add new plug-in to check pyghmi

This patch set adds a new bandit plugin to check the use of the
pyghmi library, as the IPMI is known to be an insecured protocol.

Closes: #356
Signed-off-by: Tin Lam <tin@irrational.io>

Co-authored-by: Tin Lam <tin@irrational.io>
Co-authored-by: Eric Brown <browne@vmware.com>
@ericwb ericwb modified the milestones: Distant Future, Release 1.7.3 Mar 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
Release 1.7.3
Development

Successfully merging a pull request may close this issue.

Add new plugin to check use of pyghmi
Add new plugin to check use of pyghmi
1 participant
@ericwb