SWAMP Update 1.34.2

The following SWAMP updates are now available for mir-swamp.org and SWAMP-in-a-Box. The latest SWAMP-in-a-Box version 1.34.2 files can be obtained from the download server or GitHub.

Noteworthy changes include:New

  • Improvements to the SWAMP’s Native Results Viewer.
    • The weaknesses shown can now be filtered by bug type.
    • The locations of weaknesses within the affected code files are shown. Specifically, each weakness listed provides a link to a page showing the code file in which that weakness is located with the specific line of code flagged. Additionally, the Native Viewer has a tree view of the files and directories included in the package archive and provides a count of weaknesses per file and a code view of files with all weaknesses flagged.
  • General enhancements and bug fixes for SWAMP-in-a-Box.
    • SWAMP-in-a-Box user sign-in works when using an Active Directory server with multiple, hierarchical DNs (distinguished names).
    • SWAMP-in-a-Box assessments run for users where the user_uid includes an “@” character, which happens when SWAMP-in-a-Box uses an LDAP/AD server for user authentication and the SWAMP User ID maps to an LDAP/AD attribute that has values containing an “@”.
    • You can now specify when the SWAMP layout cookie expires in number of days. Use an integer value for cookie.expires in the web front end configuration file (/var/www/html/config/config.json).
    • The SWAMP-in-a-Box web server no longer includes access-control related headers in responses if the APP_CORS_URL is the same as APP_URL in the .env configuration file (/var/www/swamp-web-server/.env).
    • The upgrade script has been updated to prevent problems with a SWAMP-in-a-Box install not including tool metadata records. When creating an assessment, platforms can now be selected for individual tools.

Let us know if you have any questions at support@continuousassurance.org.

Comments

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.