navareth
March 19, 2021, 10:11pm
1
Hi everyone!
Is there a way for us to familiarize ourselves with the NCSU security vulnerabilities report which is referenced on the wiki page of this project?
https://wiki.openmrs.org/display/projects/GSoC+2021%3A+Patch+Security+Vulnerabilities+Identified+by+NCSU
grace
March 19, 2021, 11:42pm
2
Good question, @isears is there a report or a series of curated issues/tickets that is publicly share-able here?
isears
March 20, 2021, 4:35pm
3
We’re probably not going to be able to publicly release the full report, but check out these PRs for recent examples of the kinds of bugs that are being patched (and the kind of work the patches entail):
openmrs:master ← CrooksDC:master
opened 01:40AM - 10 Mar 21 UTC
openmrs:master ← annaowens:EMPT-68
opened 05:54AM - 09 Mar 21 UTC
openmrs:master ← annaowens:EMPT-48
opened 08:32PM - 03 Mar 21 UTC
openmrs:master ← anupamdevulapalli:RA-1865
opened 02:39AM - 03 Feb 21 UTC
openmrs:master ← varsha5595:supervision-fix-reflective-xss
opened 11:55AM - 02 Dec 20 UTC
1 Like
navareth
March 20, 2021, 4:49pm
4
Great examples, thanks @isears !