
[docs] pro changelog 2.46.0- 2.46.3 #12484

Merged: Maffooch merged 1 commit into DefectDojo:bugfix from paulOsinski:changelog-2.46.3 on May 22, 2025

Conversation

@paulOsinski

Contributor

Pro Changelog for versions 2.46.0- 2.46.3. Also shrinks heading sizes for March releases for easier sidebar navigation.

@dryrunsecurity


DryRun Security

This pull request contains low-confidence risks related to potential tag injection during migration and possible information disclosure through SOC alert flags, which could lead to unintended data manipulation or exposure of internal security monitoring details.

💭 Unconfirmed Findings (2)
Vulnerability: Potential Tag Injection Risk
Description: Automatic tag migration could cause data loss or unexpected behavior. Strict validation prevents certain characters in tags. Risk of unintended data manipulation during migration process.

Vulnerability: Potential Information Disclosure Risk
Description: SOC Alerts flag in Universal Parser might expose sensitive security finding origins. Could reveal internal security monitoring details if not properly controlled.

All finding details can be found in the DryRun Security Dashboard.

@mtesauro left a comment

Contributor

Approved

@Maffooch added this to the 2.46.4 milestone May 20, 2025
@Maffooch requested a review from hblankenship May 20, 2025 20:31
@Maffooch merged commit 35b590e into DefectDojo:bugfix May 22, 2025
76 of 77 checks passed
xansec pushed a commit to xansec/django-DefectDojo that referenced this pull request Jun 18, 2025
Co-authored-by: Paul Osinski <paul.m.osinski@gmail.com>
5 participants