summaryrefslogtreecommitdiffstats
path: root/docs/submodules/portal.git
AgeCommit message (Collapse)AuthorFilesLines
2019-07-03Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 4f77c9f6c5539747c0fadd6028044e2ff2ceb8cf - AuthUtil method isAccessAllowed() argument change Change argument length to match argument length from to sdk version. Issue-ID: PORTAL-656 Change-Id: I6fe28800e0baccaab43419d3aa0d8c43b1ebe771 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-28Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to c2502f81cc07d6b6c619d334f7e81ea82e47223a - PeerBroadcastSocket sonar issues fix and code refactor Sonar issues fix and code refactor. Session data save moved to another method. Rest of code don't really do anything. Issue-ID: PORTAL-624 Change-Id: I53b36377f2d2645d8c24ad2384959f0599e07303 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-28Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 6a9580d025114106e82fc49da895bbc857a3e91b - ONAPWelcomeController sonar issue fix String viewName and getter/setter can be romoved from his class. ONAPWelcomeController Overrides this field 1 to 1. Issue-ID: PORTAL-652 Change-Id: Idbb41f52a63c6ea681f6ba7753991d766849e3a2 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-28Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to caf5dec3f7ddb89fc26b7579e5d7f15ac54e500c - ONAPLoginController sonar issues fix. Sonar issues fix plus @Autowired in constructor not in fields. Issue-ID: PORTAL-651 Change-Id: I99329b986877d040c6fdda9daf42a5c501a39605 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-28Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 62be40d079c97648353c1ad45819d3a24ff82fe5 - SimpleLoginStrategy sonar issues fix "Either remove or fill this block of code." "Move the "" string literal on the left side of this string comparison." "Define and throw a dedicated exception instead of using a generic one." Issue-ID: PORTAL-650 Change-Id: I92018287a6f585020f0ae6f042b1bb1de84a5e14 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-28Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 32b9dcf937f5ddfb3bd7d606155a505661bc6093 - OpenIdConnectLoginStrategy sonar issues fix Redundant suppression("rawtypes") removed. Sonar issue: Move the "" string literal on the left side of this string comparison. Define and throw a dedicated exception instead of using a generic one. Issue-ID: PORTAL-649 Change-Id: Ia2c80ad4848c22c94a2db731425250784d382841 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 2a462c99939b19f972813b64c7a4d6e33b9aaa5a - Merge "Fix sql injection vulnerability" - Fix sql injection vulnerability Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I676ed349746cdabf320027dd27a0c16949fff6d8
2019-06-18Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 37ea104d5c99b4100381cc0e8e79be3feb98a0ec - Merge "Fix sql injection vulnerability" - Fix sql injection vulnerability Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I45895dc7665ff17394e602cbccf875e4e91b5ce1
2019-06-18Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 80ddb55b9f5569c6443104150cb74ba2ae4fcb08 - Merge "Fix sql injection vulnerability" - Fix sql injection vulnerability Use a variable binding instead of concatenation. Change test 'getAppRolesForNonCentralizedPartnerAppTest'. Issue-ID: OJSI-174 Signed-off-by: Dominik Orliński <d.orlinski@samsung.com> Change-Id: I5cb7561e4b2b781834bd4f2ec36dee58b4738bf2
2019-06-18Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 89e5721f7e8e45fd0f26597a8b8082d90b47839c - WebAnalyticsExtAppController sonar issues - Rename this local variable to match the regular expression - Make this anonymous inner class a lambda. - Immediately return this expression instead of assigning it to the temporary variable "response". - Move the "" string literal on the left side of this string comparison. - Replace the type specification in this constructor call with the diamond operator ("<>"). Issue-ID: PORTAL-648 Change-Id: I1666d94dccbbe8aa835ea9a443a9973a245353f4 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 0722bf2fc95a1ccaabbc293dccc0d05ed0727b84 - HealthMonitor sonar issues Remove this unused "numIntervalsClusterNotHealthy" local variable. Use "Long.parseLong" for this string-to-long conversion. Make the enclosing method "static" or remove this set. Change this instance-reference to a static reference. Remove the literal "false" boolean value. This block of commented-out lines of code should be removed. Add the "@Override" annotation above this method signature Issue-ID: PORTAL-647 Change-Id: I1880177f0906e6267807bbb9c0b7a81651e3c020 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 42fac09a9de610875a90e6eb8df58ea7b3c317f6 - EPLdapService sonar issue fix Annotate the interface with the @FunctionalInterface annotation. Issue-ID: PORTAL-646 Change-Id: Idc6c70b9edaed73024721a3bc8c91796a0df9183 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-18Update git submodulesDominik Mizyn1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 38bc3cb1b318a7b1ccfe0c37e835ac68ac9c60e5 - AppWithRolesForUser sonar security issue I used Lombok annotation to provide accessors. Issue-ID: PORTAL-645 Change-Id: Iad852434f30b81535398913df162fa8f4bd1ecff Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-17Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to d9a26e7fe8c2dfee2ea43ae697278e11f10f31e9 - Merge "PortalAdminUserRole class DB constraints" - PortalAdminUserRole class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-636 Change-Id: I8fb4f50e672e17b9e169303eb09255fe57288b45 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-17Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to fd64af5e46b31e731e3e9e11b037361b0a73d965 - Merge "MicroserviceParameter class DB constraints" - MicroserviceParameter class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-635 Change-Id: Idcca0d46d1779d5fae874aff38cfd7f59f73c9b0 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-17Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to e42eae64a6ed2dbdf9dd1112bb31633faf60e0a3 - Merge "MicroserviceDataApp class DB constraints" - MicroserviceDataApp class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-634 Change-Id: Ife3b0116b986d52fd17612937b2a74fa76062ed9 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-17Update git submodulesLorraine Welch1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 4d0b6c18868e0a5fdbd876d4e0fdb18ae5b4573e - Merge "Application Onboarding page changes " - Application Onboarding page changes Issue-ID: PORTAL-644 Application Onboarding page changes , DB scripts Change-Id: Id689e15f5abd56192420e6761440659531108ab4 Signed-off-by: Kotta, Shireesha (sk434m) <sk434m@att.com>
2019-06-17Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 8b67487fa29e61ad15ac961231ebb3b6621d39dc - Merge "Sonar: Reduce cyclomatic complexity" - Sonar: Reduce cyclomatic complexity Reduce the number of conditional operators for equals(). Improve testEquals() to better cover this method. This patch also: * immediately returns expression instead of assigning it to the temporary variable "str", * adds the "@Override" annotation above equals() method signature. Issue-ID: PORTAL-595 Change-Id: I15f600acce873eb3f22cc405d06a50890c7e87c3 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 4027435c28e1433df2476b83a6e77ba4d1d865bd - Merge "WidgetFileApp class DB constraints" - WidgetFileApp class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-633 Change-Id: Id7b45dedafe2e5f9e799a93d219baef46c88d124 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 9f45f60932b17364ade24f29c7831bd3ef757bc5 - Merge "FavoritesFunctionalMenuItem class DB constraints" - FavoritesFunctionalMenuItem class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-632 Change-Id: Ia7c2f4ad0aa5cc85db73142d0fecd46da535c3d9 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to c56b27404151b0d283cd16f7c5311ee4fb67936f - Merge "WidgetCatalog class DB constraints" - WidgetCatalog class DB constraints Java Bean Validation SR 380 annotations added to classes Plains getter/setter converted to lombok annotation Issue-ID: PORTAL-630 Change-Id: Id866ec4bc0dc428adfbb7cdc64fe15f7faf837f7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 2aed32aa93c86ae3685b3134f10d884d1a34582a - Merge "Change default character to utf8 for portal db" - Change default character to utf8 for portal db Change-Id: I6a1bb2f1b6b501662c7ae2ca902c3d61c7534125 Issue-ID: PORTAL-565 Signed-off-by: shentao999 <shentao@chinamobile.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 017404f69410a07bc0d44308f80902bf81ece059 - Merge "Sonar critical fixes in MicroserviceServiceImpl" - Sonar critical fixes in MicroserviceServiceImpl Fixed critical issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. Issue-ID: PORTAL-591 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Icc2b6fb45777582486e1060245cdf94e4f6d685d
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to b475a63d78de90cb89301e3830a61b6fe2a723f0 - Merge "Sonar fix: make "dateFormat" an instance variable" - Sonar fix: make "dateFormat" an instance variable Fixed critical Sonar issue. SimpleDateFormat was declared as a static but it is not tread-safe and it keeps an internal state. Compliant solution has been applied with additional DateUtil class. Issue-ID: PORTAL-590 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ic6243052804a410cb750c6c219c702469c86ff78
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 5312423cbaf998b8f104495833b3f019bffac204 - Merge "Sonar critical fixes in EPAppCommonServiceImpl" - Sonar critical fixes in EPAppCommonServiceImpl Fixed issues according to the Sonar analysis: -Fixed imports. -Fixed logical comparisons. -Fixed comparisons between unrelated types. Issue-ID: PORTAL-588 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Change-Id: Ibc204e0218788bb82f947c668d68fb6e88db7043
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 7d9545688ca7fb73dc668320cdcbab8584b31e15 - Merge "RoleApp class DB constraints" - RoleApp class DB constraints Java Bean Validation SR 380 annotations added to classes Lombod added to widget-ms Plains getter/setter converted to lombok annotation Issue-ID: PORTAL-629 Change-Id: I31639672510994412149ed8be92cb8e1b022f646 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to e3f250e95491450a1c1040f8fc55c376aca8c072 - Merge "App class DB constraints" - App class DB constraints Java Bean Validation SR 380 annotations added to classes Issue-ID: PORTAL-627 Change-Id: I827f99ef75c6af3f9881fe68f1cb245795ba2734 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 4b12eacf41dd7866039f1b9059188c619c317ad6 - Merge "FunctionalMenuItem DB constraints fix" - FunctionalMenuItem DB constraints fix Add @Digits to secure Long type fields Issue-ID: PORTAL-626 Change-Id: I59080c9103369d96a42c574356f0635265335d0a Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 5f652908e3cffe593c03a4f352ab0d33663b1639 - Merge "FunctionalMenuItem DB constraints add" - FunctionalMenuItem DB constraints add Java Bean Validation SR 380 annotations added to classes Unnecessary boxing removed. Issue-ID: PORTAL-626 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com> Change-Id: Ic1c20870fd781d46061077fd14b81a65dea93e6e
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 9d730f0c98561e566be9adba12c0b044f5924a9f - Merge "XSS Vulnerability fix in DashboardSearchResultController" - XSS Vulnerability fix in DashboardSearchResultController Custom Validator is used to secure this endpoints. Issue-ID: OJSI-15 Change-Id: Idf523a53bc5fe9e1df8110526d56336953759c86 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to a5e70096b0cf77fb10d18e4ecd4e67be40ceedaf - Merge "Custom data validator" - Custom data validator By creating custom data validator we can reduce code duplications. Issue-ID: OJSI-15 Change-Id: I39decf1d6ded559322c4445f0956fad2a159878d Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 682773f88ca8b69b5ba9dee3515d437522817148 - Merge "XSS Vulnerability fix in TicketEventController" - XSS Vulnerability fix in TicketEventController @SafeHtml and SecureString used to fix this issue; Issue-ID: OJSI-209 Change-Id: I588872839696c824135bab88c100b31c23d960ba Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 5b6231bb65d5033f911827b13572bc70756d7b1d - Merge "XSS Vulnerability fix in RoleManageController" - XSS Vulnerability fix in RoleManageController @SafeHtml and SecureString used to secure this class Issue-ID: OJSI-208 Change-Id: Ie01799933add3419cacf0fc716ce2da6da0a2853 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 9abe14fca14a8f15a7ee58cab1e92908282fef0b - Merge "Fix sql injection vulnerability" - Fix sql injection vulnerability Use a variable binding instead of concatenation. Add new test for function 'createLocalUserIfNecessary'. Issue-ID: OJSI-174 Change-Id: Iddd65893bb2cb16c90d4f8db59816fdf261874bc Signed-off-by: Dominik Orliński <d.orlinski@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to e496b1b94a07e7995fefd8113c0fbe25953322ea - Merge "XSS Vulnerability fix in AppsOSController" - XSS Vulnerability fix in AppsOSController SecureString class used to secure PathVariable. Issue-ID: OJSI-207 Change-Id: I6275c5db4d8d97dc60ef1676b651e3d8802ad9f7 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 3462e289aec5880f3e2f2f23ce4b5f70160ba7f4 - Merge "XSS Vulnerability fix in AppsControllerExternalRequest" - XSS Vulnerability fix in AppsControllerExternalRequest @SafeHtml annotation is used to fix this problem. This patch also fix some minor issues: * isAuxRESTfulCall() method delete. Method was nowhere used. * '.length() == 0' changed to '.isEmpty()' Issue-ID: PORTAL-604 Change-Id: Ib7091622081f507812654b50275ad7ac4c97bfc3 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to d0983c06165682e054af165621ae84d858b08117 - Merge "Sonar issue: Correct this "&" to "&&" in MicroserviceServiceImpl" - Sonar issue: Correct this "&" to "&&" in MicroserviceServiceImpl This patch also fix some minor issues: * 'fori' loop replaced with 'foreach' * Sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>"). * redundant 'throws'. Exception will never throw * unnecessary temporary local variable Issue-ID: PORTAL-603 Change-Id: If23afb9f4a10f0ad06c712cb95a38b54dc5cd089 Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to d86f64c663b7b82f529617b6c8c0ea69a926f950 - Merge "XSS Vulnerability fix in MicroserviceController" - XSS Vulnerability fix in MicroserviceController @SafeHtml annotation is used to fix this problem. This commit also fix: * redundant local variable issue * sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>"). * performance issue - String concatenation argument as argument to 'StringBuilder.append()' call * redundant cast * redundant 'throws Exception'. 'Exception' is never thrown * access static member via instance reference * unused declarations Issue-ID: PORTAL-602 Change-Id: Id92fe2d9cfe239474403f611f3d5d0170acf63cc Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-14Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 2341313316b631be275294622ca9d4281e1f20bc - Merge "XSS Vulnerability fix in DashboardSearchResultController" - XSS Vulnerability fix in DashboardSearchResultController @SafeHtml annotation is used to fix this problem. New class 'SecureString' must be added to project to valid incoming Strings from '@RequestParam String incoming String' pom.xml file update. This patch also fix: * remove unnecessary semicolon * Sonar issue: Replace the type specification in this constructor call with the diamond operator ("<>") Issue-ID: PORTAL-601 Change-Id: Id214b6e65f0c486141679fd23725a7fb66443acd Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-13Update git submodulesSunder Tattavarada1-0/+0
* Update docs/submodules/portal.git from branch 'master' to f4359045f50372d8cf5c8ce0eb08d4b6c2cf26ba - Merge "Fix sonar issue: Override "equals(Object obj)"" - Fix sonar issue: Override "equals(Object obj)" This commit provide equals method for CentralV2UserApp and test for this method. Issue-ID: PORTAL-599 Change-Id: Ied44c680032831ec6a02211f658ec16f0aad8f4a Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
2019-06-11Update git submodulesWelch, Lorraine (lb2391)1-0/+0
* Update docs/submodules/portal.git from branch 'master' to e98d94edaa2276b33959f5ef6d45f3fdeeab37ee - Updated Dublin Release Notes Issue-ID: PORTAL-592 Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com> Change-Id: I4d1e7e8bd83ed2adb7df25ccf4c694b1c81ef879
2019-06-07Update git submodulesWelch, Lorraine (lb2391)1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 708ef7b50e2d81ebd85c11a20211042b630bc99f - Added lorraineawelch to INFO.yaml Issue-ID: PORTAL-618 Signed-off-by: Welch, Lorraine (lb2391) <lb2391@att.com> Change-Id: I3d7f57c8cc20347f8adeefbada2eaffde0940262
2019-05-30Update git submodulesManoop Talasila1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 40c8f073970f3664786d1bb4d4c69ed3f57b8b45 - Merge changes I1c586793,I47249407,Idad22dea,I5c3bee06,I5cb96956 * changes: Document OJSI-190 vulnerability Document OJSI-174 (CVE-2019-12318) vulnerability Document OJSI-92 (CVE-2019-12121) vulnerability Document OJSI-65 (CVE-2019-1212) vulnerability Document OJSI-15 (CVE-2019-12317) vulnerability - Document OJSI-190 vulnerability Issue-ID: OJSI-190 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I1c586793b744a5807e7b1a7a1d416dfd43409ab0 - Document OJSI-174 (CVE-2019-12318) vulnerability Issue-ID: OJSI-174 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I47249407ccb62ca7ffd1d8edc9ada8793f4c53c9 - Document OJSI-92 (CVE-2019-12121) vulnerability Issue-ID: OJSI-92 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Idad22deafb262da539c52fa8733e7ea098fd1361 - Document OJSI-65 (CVE-2019-1212) vulnerability Issue-ID: OJSI-65 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5c3bee06c2b1da3eca2bb583c57decb35b0f32c0 - Document OJSI-15 (CVE-2019-12317) vulnerability Issue-ID: OJSI-15 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I5cb96956f25e09a390ef24a52f6222c0cc7b9e94
2019-05-30Update git submodulesManoop Talasila1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 88f48d47dc427e73842c0b65a6b544c8229c2773 - Merge "Don't give the user the exact stack trace of the exception" - Don't give the user the exact stack trace of the exception Catching the exception in the SecurityXssFilter class. Issue-ID: OJSI-192 Change-Id: I8d9d7a3032f98afcb58285b13b13d5ce35fddadd Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com>
2019-05-30Update git submodulesManoop Talasila1-0/+0
* Update docs/submodules/portal.git from branch 'master' to ee8d6a877f7709f28da43b0f10baf659876c4bed - Merge "Don't give user the exact exception description" - Don't give user the exact exception description The exact description of the exception especially if related to cryptography cannot be given to the user as it may be abused by the attacker. To fix that, we started to use @ExceptionHandler for all exceptions in the LoginController as well. CVE: CVE-2019-12121 Issue-ID: OJSI-92 Change-Id: I100b37ff33d28ebccc2411c3acc62bdb7ce11ca8 Signed-off-by: Piotr Borelowski <p.borelowski@partner.samsung.com> Reviewed-by: Krzysztof Opasiak <k.opasiak@samsung.com> Acked-by: Manoop Talasila <talasila@research.att.com>
2019-05-28Update git submodulesManoop Talasila1-0/+0
* Update docs/submodules/portal.git from branch 'master' to ba546e970d779a5e87a07b3058a85e1446c39129 - Merge "Removed user password from portal's profile API" - Removed user password from portal's profile API ONAP Portal allowed to retrieve password of currently active user via "/portalApi/loggedinUser" endpoint. Prefilled "Login Password" field has been changed to "*****" and password is not send anymore to the frontend. Only after change of this default value password will be updated. Confirm Password field has been removed from the UI. In the future password change could be additionally also checked on the backend side to verify current password before updating it. Issue-ID: OJSI-65 Signed-off-by: Robert Bogacki <r.bogacki@samsung.com> Reviewed-by: Krzysztof Opasiak <k.opasiak@samsung.com> Acked-by: Manoop Talasila <talasila@research.att.com> Change-Id: I00b7713557247d211927c437f31f118095ad0726
2019-05-28Update git submodulesKrzysztof Opasiak1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 59eebbf3cb31d01345d973098a73a866b1d08466 - Document OJSI-106 vulnerability Issue-ID: OJSI-106 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I549009cf3c313b0f5307b99ce22b56243e933f8f
2019-05-28Update git submodulesKrzysztof Opasiak1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 43262c8109f8a65d67e0d273a7b08db202520ff4 - Document OJSI-105 vulnerability Issue-ID: OJSI-105 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I8c3a00ce98886f7175e5cf85f09309bd50ef702c
2019-05-28Update git submodulesKrzysztof Opasiak1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 66c406115811a0e83a67791fe4eaa35c54edb2b1 - Document OJSI-97 vulnerability Issue-ID: OJSI-97 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I56d194918b91580d5d9f6b25e564923fe29c51f3
2019-05-28Update git submodulesKrzysztof Opasiak1-0/+0
* Update docs/submodules/portal.git from branch 'master' to 53de06c9d6b3c52f9f23ed4904968074b3f833d2 - Improve security release notes In order to provide users with more details of project's state in terms of security let's divide the security release notes into three sections: - Fixed Security Issues Contains a list of security fixes merged during this release (especially those reported via OJSI tickets). - Known Security Issues Contains a list of vulnerabilities detected in project during release which have not been fixed yet and thus should be mitigated by the user. - Known Vulnerabilities in Used Modules Contains information about NexusIQ scan results Issue-ID: SECCOM-238 Change-Id: Ief8825c38c7723c26e8c7e10a6a13f4b8f9c169d Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>