Created by James Hurrell, last modified by N Padmavathi on Aug 31, 2020
1.0.0-funcrel
Note
Initial release
1.0.0-beta4
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 14526 | PERMANENT FIX: "Synchronizing Assessment Model Step failed while running snapshot error-"duplicate key value violates unique constraint "dss_me_val_typ_pk" |
Other Updates
| Details |
|---|
| Internal issues fixed |
1.0.0-beta3
Other Updates
| Details |
|---|
| Better support of the rule Avoid thrown Exceptions in servlet methods |
| Internal issue fixed |
Rules
| Rule Id | New Rule | Details |
|---|
| 1039024 | FALSE | CWE-614: Avoid using unsecured cookie (JEE) |
| 1039022 | FALSE | CWE-916: Cryptographic Hash:Avoid using Insecure PBE Iteration Count update |
| 1039026 | TRUE | CWE-1004: Avoid creating cookie without setting httpOnly option (JEE) |
1.0.0-beta2
Resolved Issues
| Customer Ticket Id | Details |
|---|
| 14282 | MODULMSG; Job execution Extension com.castsoftware.jeerules has encountered an issue |
| 14130 | MODULMSG; Job execution Extension com.castsoftware.jeerules has encountered an issue |
Other Updates
| Details |
|---|
| Update rules names with CWE STANDARDS |
Rules
| Rule Id | New Rule | Details |
|---|
| 1039022 | TRUE | CWE-916: Cryptographic Hash: Avoid using Insecure PBE Iteration Count |
| 1039024 | TRUE | CWE-614 : Avoid using unsecured cookie (JEE) |
