Check logs 20.2 Week 2 #5300

cnlucas · 2022-12-14T15:09:19Z

Log review needs to be completed per the Security Event Review Checklist (https://github.com/fecgov/FEC/wiki/Security-Event-Review-Checklist)

Ref: [Check logs sprint 20.2 week 1]
#5299

Make new tickets for Sprint 20.3 weeks 1 & 2

cnlucas · 2022-12-28T17:24:24Z

FEC-CMS:
package.json: None
requirements.txt: Snyk Low: Setuptools) #5488
2 Snyk Medium: Pillow) #5497
1 High gitpython Remote Code Execution (RCE) fecgov/fec-cms#5509

OPENFEC:
package.json: None
requirements.txt: Snyk Low: Setuptools) #5286
1 High gitpython Remote Code Execution (RCE) #5509
1 Medium certifi Insufficient Verification of Data Authenticity #5298
flyway: None

FEC-EREGS:
package.json: None
requirements.txt: Snyk Low: Setuptools) #727
1 High gitpython Remote Code Execution (RCE) fecgov/fec-eregs#728

FEC-PATTERN-LIBRARY:
package.json: None

Search logs:
Ok

Cloud.gov Dashboard:
Ok 8 accounts

Off-boarding:
None in Github or Cloud.gov this week

cnlucas added the Security: general General security concern or issue label Dec 14, 2022

cnlucas added this to the Sprint 20.2 milestone Dec 14, 2022

rfultz assigned cnlucas Dec 20, 2022

cnlucas closed this as completed Dec 28, 2022

This was referenced Jan 3, 2023

Check logs 20.3 Week 2 #5310

Closed

Check logs 20.3 Week 1 #5311

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check logs 20.2 Week 2 #5300

Check logs 20.2 Week 2 #5300

cnlucas commented Dec 14, 2022

cnlucas commented Dec 28, 2022

Check logs 20.2 Week 2 #5300

Check logs 20.2 Week 2 #5300

Comments

cnlucas commented Dec 14, 2022

cnlucas commented Dec 28, 2022