From f5f335aa4e575512bd5184fb7dea97f6d0f5c416 Mon Sep 17 00:00:00 2001
From: lhinds
Date: Thu, 24 Aug 2017 19:51:28 +0100
Subject: desc field set to just one line using a bar `|` to set over two lines was causing issue for awk
Change-Id: I61c612a5d4fb864dea7648c893091da309aacce6
Signed-off-by: lhinds
---
 master_list.yaml | 25 +++++++------------------
 1 file changed, 7 insertions(+), 18 deletions(-)
diff --git a/master_list.yaml b/master_list.yaml
index 178dde4..af35076 100644
--- a/master_list.yaml
+++ b/master_list.yaml
@@ -101,9 +101,7 @@ file_audits:
 ripemd:
 regex: ripemd
- desc: |
- "RACE Integrity Primitives Evaluation Message Digest
- is an insecure hashing algorithm"
+ desc: "RACE Message Digest is an insecure hashing algorithm"
 secret:
 regex: secret
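Review bot: The rewritten desc on the `+` line names an algorithm that does not exist: RIPEMD expands to RACE Integrity Primitives Evaluation Message Digest, so shortening it to `RACE Message Digest` loses the part a reader needs to connect the finding to the `ripemd` regex. `desc: "RIPEMD is an insecure hashing algorithm"` keeps the field on one line and names what the pattern actually matches. Note also that the old value was a `|` block scalar whose content began with a double quote, so it carried the literal quote characters and a trailing newline, whereas the new double-quoted scalar yields the bare sentence; any consumer that printed or compared the raw value now sees a different string, which is presumably intended.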
@@ -152,38 +150,29 @@ file_audits:
 apprun:
 regex: app\.run\s*\(.*debug.*=.*True.*\)
 desc: |
- "Running flask in debug mode can give away sensitive data on a
- systems configuration"
+ "Running flask in debug mode can give away sensitive data"
 autoescape:
 regex: autoescape.*=.*False
- desc: |
- "Without escaping HTML input an application becomes
- vulnerable to Cross Site Scripting (XSS) attacks."
+ desc: "Not escaping HTML input is vulnerable to XSS attacks."
 safestring:
 regex: safestring\.mark_safe.*\(.*\)
- desc: |
- "Without escaping HTML input an application becomes
- vulnerable to Cross Site Scripting (XSS) attacks."
+ desc: "Not escaping HTML input is vulnerable to XSS attacks."
 shelltrue:
 regex: shell.*=.*True
- desc: |
- "Shell=True can lead to dangerous shell escapes,
- expecially when the input can be crafted by untrusted external input"
+ desc: "Shell=True can lead to dangerous shell escapes"
 tmp:
 regex: \/tmp\/
 desc: |
- "Use of tmp directories can be dangerous. Its world writable and
- accessable, and can be easily guessed by attackers"
+ "tmp directories are risky. They are world writable and easily guessed"
 yamlload:
 regex: \yaml\.load
 desc: |
- "Avoid dangerous file parsing and object serialization libraries,
- use instead `yaml.safe_load`"
+ "Avoid dangerous file parsing & serialization libs, use yaml.safe_load"
 telnet:
 regex: telnet
-- 
cgit 1.2.3-korg
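Review bot: Three entries in this hunk — `apprun`, `tmp` and `yamlload` — still keep `desc: |` with the quoted sentence on the following line, so each field is still two physical lines and, unlike the four entries converted to `desc: "..."`, its value retains the literal double-quote characters plus a trailing newline from the block scalar. If the awk consumer named in the commit message reads one line per field, these three will still trip it, and the mixed styles will produce inconsistent output. Collapsing them the same way, e.g. `desc: "Running flask in debug mode can give away sensitive data"`, `desc: "tmp directories are risky. They are world writable and easily guessed"` and `desc: "Avoid dangerous file parsing & serialization libs, use yaml.safe_load"`, makes every desc in the hunk a plain one-line scalar. The two XSS lines also read awkwardly, since the application is vulnerable rather than the omission; `desc: "Unescaped HTML input exposes the application to XSS attacks."` would be clearer for both `autoescape` and `safestring`.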