Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add vulnerabilities and change packages in some Windows upgrade cases #5234

Merged
merged 3 commits into from
Apr 19, 2024
Merged

Add vulnerabilities and change packages in some Windows upgrade cases #5234

merged 3 commits into from
Apr 19, 2024

Conversation

MARCOSD4
Copy link
Member

@MARCOSD4 MARCOSD4 commented Apr 17, 2024
edited
Loading

Description

This PR aims to add some vulnerabilities in the vuln_packages.json file that were not contemplated before and add some new packages not vulnerable in some Windows upgrade cases. The test_vulnerability.yaml file has also been modified to incorporate these changes.

Testing performed

These changes have been tested locally by running only the cases that have been modified, that is, from the upgrade_package_maintain_add_vulnerability0 case onwards. The tests have failed, but in the alert file, you can see the alerts corresponding to the vulnerabilities of each installed package, so the test performance is as expected. The errors are due to the tests failing to detect vulnerabilities because of a change in the index reported in #5239.

Report: report.zip

@MARCOSD4 MARCOSD4 self-assigned this Apr 17, 2024
@MARCOSD4 MARCOSD4 linked an issue Apr 17, 2024 that may be closed by this pull request
Missing vulnerabilities in some Windows upgrade cases #5209
Closed
@MARCOSD4 MARCOSD4 marked this pull request as ready for review April 17, 2024 14:58
juliamagan
juliamagan requested changes Apr 18, 2024
View reviewed changes
Copy link
Member

@juliamagan juliamagan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GJ! Remember to add the changelog entry

deps/wazuh_testing/wazuh_testing/end_to_end/vulnerability_detector_packages/vuln_packages.json Show resolved Hide resolved
@MARCOSD4
Copy link
Member Author

Changelog updated in e36a8d3

juliamagan
juliamagan approved these changes Apr 18, 2024
View reviewed changes
Copy link
Member

@juliamagan juliamagan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@davidjiglesias davidjiglesias merged commit 84e01e7 into 4.8.0 Apr 19, 2024
0 of 2 checks passed
@davidjiglesias davidjiglesias deleted the bug/5209-add-windows-vulnerabilities branch April 19, 2024 06:28
@juliamagan juliamagan mentioned this pull request Apr 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juliamagan juliamagan juliamagan approved these changes

Assignees

@MARCOSD4 MARCOSD4

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Missing vulnerabilities in some Windows upgrade cases
3 participants
@MARCOSD4 @juliamagan @davidjiglesias