Versions Compared

Old Version 39

changes.mady.by.user Bill Branan

Saved on

compared with

New Version 40

changes.mady.by.user Bill Branan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Itembbdbnwaf

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1242

(tick)(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1273

(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1274


(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1264

(tick)
(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1275

(tick)
(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1246

(tick)(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1270

(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1271

(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1276





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1263





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1266


(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1269

(tick)


Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1284

(tick)
(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1283

(tick)


Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1282

(tick)
(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1281





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1280





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1285

(tick)


Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1286

(tick)(tick)

Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1287





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1293





Jira
serverLYRASIS JIRA
serverIdc815ca92-fd23-34c2-8fe3-956808caf8c5
keyDURACLOUD-1250

(tick)(tick)

Regression Testing

Taskbbdbnwaf
Perform Regression TestsVerified: UI functions across user levels and browsers, media streaming, synctool, retrieval tool, rest api
To be verified: Audit, Manifest, Storage Stats, Snapshot actions


Use ZAProxy to perform a security analysis
  • Use a test DuraCloud account with very little content
  • Start an Automated Scan
  • Remove any sites not relevant to DuraCloud from the "Sites" list
  • Generate an HTML and XML report and attach to this page

ZAProxy Report (html, xml)

  • Medium risk:
    • jquery, version 1.7.1 is vulnerable
  • Low risk: 
    • Missing anti-CSFR tokens on login form
    • Missing cookie settings (AWS cookies):  HttpOnly flag, SameSite attribute, Secure flag
    • Missing X-Content-Type-Options header



...