author | lhinds <lhinds@redhat.com> | 2017-08-24 19:51:28 +0100 |
---|---|---|
committer | lhinds <lhinds@redhat.com> | 2017-08-24 20:28:08 +0100 |
commit | f5f335aa4e575512bd5184fb7dea97f6d0f5c416 (patch) | |
tree | 3377dc5149d1173d8270f9a4dff6c46f55e428bf | |
parent | 6248ecb0d79c3bb0ab31cd2a40222b246a8c206f (diff) |
desc field set to just one line
using a bar `|` to set over two lines was causing issue for awk
Change-Id: I61c612a5d4fb864dea7648c893091da309aacce6
Signed-off-by: lhinds <lhinds@redhat.com>
-rw-r--r-- | master_list.yaml | 25 |
1 files changed, 7 insertions, 18 deletions
diff --git a/master_list.yaml b/master_list.yaml index 178dde4..af35076 100644 --- a/master_list.yaml +++ b/master_list.yaml @@ -101,9 +101,7 @@ file_audits: ripemd: regex: ripemd - desc: | - "RACE Integrity Primitives Evaluation Message Digest - is an insecure hashing algorithm" + desc: "RACE Message Digest is an insecure hashing algorithm" secret: regex: secret @@ -152,38 +150,29 @@ file_audits: apprun: regex: app\.run\s*\(.*debug.*=.*True.*\) desc: | - "Running flask in debug mode can give away sensitive data on a - systems configuration" + "Running flask in debug mode can give away sensitive data" autoescape: regex: autoescape.*=.*False - desc: | - "Without escaping HTML input an application becomes - vulnerable to Cross Site Scripting (XSS) attacks." + desc: "Not escaping HTML input is vulnerable to XSS attacks." safestring: regex: safestring\.mark_safe.*\(.*\) - desc: | - "Without escaping HTML input an application becomes - vulnerable to Cross Site Scripting (XSS) attacks." + desc: "Not escaping HTML input is vulnerable to XSS attacks." shelltrue: regex: shell.*=.*True - desc: | - "Shell=True can lead to dangerous shell escapes, - expecially when the input can be crafted by untrusted external input" + desc: "Shell=True can lead to dangerous shell escapes" tmp: regex: \/tmp\/ desc: | - "Use of tmp directories can be dangerous. Its world writable and - accessable, and can be easily guessed by attackers" + "tmp directories are risky. They are world writable and easily guessed" yamlload: regex: \yaml\.load desc: | - "Avoid dangerous file parsing and object serialization libraries, - use instead `yaml.safe_load`" + "Avoid dangerous file parsing & serialization libs, use yaml.safe_load" telnet: regex: telnet |
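Review bot: In the first hunk (`ripemd`), the new one-line desc shortens the name to "RACE Message Digest", which drops "Integrity Primitives Evaluation" and no longer matches the expansion given in the line it replaces. To stay on one line without misnaming the algorithm, consider using the acronym, for example `desc: "RIPEMD is an insecure hashing algorithm"`.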
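Review bot: In the second hunk, `apprun`, `tmp` and `yamlload` still open with `desc: |` and carry their text on the following line, unlike `autoescape`, `safestring` and `shelltrue`, which now use `desc: "..."` on the key line. The commit message names the bar as the cause of the awk problem, so these three entries look like they need the same single-line form; as written, the block scalar also keeps the double quotes as part of the value. While touching `yamlload`, the context line `regex: \yaml\.load` has a backslash before `y` that does not escape a metacharacter and is worth checking against the regex engine that consumes this file.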