Uploaded image for project: 'WINDUP - Red Hat Application Migration Toolkit'
  1. WINDUP - Red Hat Application Migration Toolkit
  2. WINDUP-3280

MTA - CVE identification and remediation

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • MTA CLI
    • None
    • MTA - CVE identification and remediation
    • False
    • False
    • To Do
    • Hide
      * *Why we missed the bug?*
       ** Pick to proper answer from drop-down field upper.
       +_Additional comments:_+


       * *What is required:*
       ** Pick to proper answer from drop-down field upper.
       +_Additional comments:_+
      Show
      * *Why we missed the bug?*  ** Pick to proper answer from drop-down field upper.  +_Additional comments:_+  * *What is required:*  ** Pick to proper answer from drop-down field upper.  +_Additional comments:_+
    • 25% To Do, 0% In Progress, 75% Done
    • ---
    • ---

      We need to proactively to identify and fix CVEs.

      The Windup web project deployed on OpenShift was recently analyzed by a Advanced Cluster Security tool and it identified numerous critical and severe CVE's.

      In the short term we need to have a version of that tool running that will allow us to assess our applications and export the results in a format that can be analyzed.

      Then we need to fix the fixable issues.

      In the medium term we need to change our infrastructure and processes so MTA is routinely scanned for CVE's and base images are automatically updated.

       

       

       

              Unassigned Unassigned
              pcattana Philip Cattanach
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: