diff --git a/CHANGELOG.md b/CHANGELOG.md
index f0c0d66d4a9aa79dcf60ddd793b29b57d16e9d5b..68a4fa8a78e28e8227650d03822186896009f7e7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,12 @@
 ## v3.0.71
 - Enable breach attack simulation attacks with feature flag `DAST_FF_ENABLE_BAS_ATTACKS` (!746)
+- Upgrade browserker to version `0.0.148` (!749)
+ - Add active check finding summary as `vulnerabilities[].location.param` so findings are not de-duplicated [browserker!1083](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1083)
+ - Release browserker FIPS compliant Docker image [browserker!1080](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1080) [browserker!1073](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1073)
+ - Update dast-chromium to `22.04-108.0.5359.94-1-20230321081952` [browserker!1080](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1080)
+ - Ensure active check findings are not deduplicated [browserker!1082](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1082)
+ - Attack IDs can be specified in `OnlyIncludeAttacks` [browserker!1088](https://gitlab.com/gitlab-org/security-products/analyzers/browserker/-/merge_requests/1088)
 ## v3.0.70
 - Upgrade browserker to version `0.0.147` (!744)
diff --git a/Dockerfile b/Dockerfile
index c048ce3f2349931de8e1f236e204b1b8f06e1374..e62a76ed644f7d93ea6f572a13579583ec52138f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-ARG BASE_IMAGE_VERSION=0.0.147
+ARG BASE_IMAGE_VERSION=0.0.148
 ARG BASE_IMAGE=registry.gitlab.com/security-products/dast/browserker:$BASE_IMAGE_VERSION
 FROM $BASE_IMAGE as compiled_dependencies
diff --git a/test/end-to-end/expect/test_browserker_active_check_22_1.json b/test/end-to-end/expect/test_browserker_active_check_22_1.json
index 90e44d0eccca9abf4c44d1a8106a761bce1c31a6..375908f8ff13b4b7aa3fd4021d1c6a56644daf20 100644
--- a/test/end-to-end/expect/test_browserker_active_check_22_1.json
+++ b/test/end-to-end/expect/test_browserker_active_check_22_1.json
@@ -134,7 +134,7 @@
 "location": {
 "hostname": "http://check-22-1",
 "method": "POST",
- "param": "",
+ "param": "application/x-www-form-urlencoded form field file_name with injection /etc/passwd",
 "path": "/read-file"
 },
 "name": "Improper limitation of a pathname to a restricted directory (Path traversal)",
diff --git a/test/end-to-end/expect/test_mutual_tls_browser_based.json b/test/end-to-end/expect/test_mutual_tls_browser_based.json
index f2f5cbfed2f9756b8e9b85110f3470a896df328c..73025d7cf4dcb05fc7cf9570bd797fa2e957805d 100644
--- a/test/end-to-end/expect/test_mutual_tls_browser_based.json
+++ b/test/end-to-end/expect/test_mutual_tls_browser_based.json
@@ -87,7 +87,7 @@
 "location": {
 "hostname": "https://nginx",
 "method": "POST",
- "param": "",
+ "param": "application/x-www-form-urlencoded form field file_name with injection /etc/passwd",
 "path": "/read-file"
 },
 "name": "Improper limitation of a pathname to a restricted directory (Path traversal)",
diff --git a/test/end-to-end/test-browserker-bypass-zap.sh b/test/end-to-end/test-browserker-bypass-zap.sh
index c41ffcaa5ed335f53ec916394a5646301ff8cec9..bef8b03cd8308c7d488a3435d34699afae09ac9e 100644
--- a/test/end-to-end/test-browserker-bypass-zap.sh
+++ b/test/end-to-end/test-browserker-bypass-zap.sh
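Review bot: In test_browserker_active_check_22_1.json the expected `location.param` of the `/read-file` finding is now a descriptive sentence that embeds the injected value `/etc/passwd`, where it used to be an empty string. If report consumers derive a finding's identity from its `location` (not visible in this diff), findings already triaged with the empty `param` would reappear as new after this upgrade, and any later rewording of the summary or change of payload in browserker would cause the same churn. A value that stays stable across payloads, such as `"param": "file_name",`, would presumably still keep findings on different fields apart; otherwise the changelog entry should state that `param` now holds free text that includes the payload. The same expectation change appears in test_mutual_tls_browser_based.json.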
@@ -27,6 +27,7 @@ test_browserker_scan_bypassing_zap() {
 --env DAST_BROWSER_LOG="loglevel:trace" \
 --env DAST_BROWSER_INCLUDE_ONLY_RULES="16.8" \
 --env DAST_FF_BYPASS_ZAP=true \
+ --env DAST_BROWSER_CRAWL_GRAPH="True" \
 "${BUILT_IMAGE}" \
 /analyze -t https://nginx >output/test_browserker_scan_bypassing_zap.log 2>&1
 assert_equals "0" "$?" "Expected to exit without errors"
diff --git a/test/end-to-end/test-browserker-check-22-1.sh b/test/end-to-end/test-browserker-check-22-1.sh
index 674b19738e670da702d8a938d0c75027bc498962..564648c6ee2e6942734ded06e73e6cdd8b1aab2c 100644
--- a/test/end-to-end/test-browserker-check-22-1.sh
+++ b/test/end-to-end/test-browserker-check-22-1.sh
@@ -32,6 +32,7 @@ test_browserker_active_check_22_1() {
 --env DAST_FF_ENABLE_BROWSER_BASED_ATTACKS="true" \
 --env DAST_BROWSER_LOG="brows:debug,chrom:trace" \
 --env DAST_BROWSER_DEVTOOLS_LOG="Default:suppress; Fetch:messageAndBody,truncate:2000; Network:messageAndBody,truncate:2000" \
+ --env DAST_BROWSER_CRAWL_GRAPH="True" \
 "${BUILT_IMAGE}" \
 /analyze -d -t http://check-22-1 >output/test_browserker_active_check_22_1.log 2>&1
 assert_equals "0" "$?" "Expected to exit without errors"
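Review bot: The added `--env DAST_BROWSER_CRAWL_GRAPH="True"` in test_browserker_scan_bypassing_zap spells the boolean with a capital T, while the neighbouring flags in these tests are lowercase (`DAST_FF_BYPASS_ZAP=true`, `DAST_FF_ENABLE_BROWSER_BASED_ATTACKS="true"`). The only assertion visible after the command checks the exit code, so if the option parser is case-sensitive (not shown here) the flag would be ignored without failing the test; `--env DAST_BROWSER_CRAWL_GRAPH="true" \` would match the surrounding style. Neither the changelog entry nor the test says why the crawl graph is enabled, so a one-line comment above the command stating the intent would help the next reader. The same line is added in test_browserker_active_check_22_1 in test-browserker-check-22-1.sh, and both function bodies start and end outside their hunks.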