RubyGems - cfn-nag - Versions diffs - 0.5.56 → 0.5.57 - Mend

cfn-nag 0.5.56 → 0.5.57

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c7e42dcbf8c7bf6a58382251f5b1d8fd3b05041c0a95b7f0a368cb5477d1c9ab
-  data.tar.gz: b420858b4a25f470669a5d493922b728129c0fe1651f1dd86fa162ccbcdc1acb
+  metadata.gz: 2dface312df3dd72f2558707f21422af7b66b0f8a88acc7872b1555f4241fdc5
+  data.tar.gz: d21a5469fc1df233d167142b7362a418fc122dd56dd0ffc9237b808585480369
 SHA512:
-  metadata.gz: 6c89e7c5c2d61ec1f3ad51e2357eae7fc75c9901c0b848534b51e7eae5ebf21ce738c3fefcd911bafd3bb4b7d080fc08b77af73c037c53a0d1b081c73e56d367
-  data.tar.gz: bfe1f8b2d59598874f02ff04651618f1cda849a100a72ae537bfece58fc49ae2117a146ab69653e2ef3373742e0424b06f90e06849a8cac94c58a476063538f3
+  metadata.gz: aa7ca44ea66663c738707e26f08f9f034c15125d018017b7494ad06a31396fab263817c828fcd3d93f207de554005ba4ad751dda1d158ab8e41a129d29dfa183
+  data.tar.gz: b44b8added22ac4f11dcf467bee2bcd6ab8dfdcd3e6fcfec8a439f1ca0c9dc4465b2f8cee4fc3075d51cdd793ee78a6fec849f03258d95cde514a1eeb2d5ff35

data/lib/cfn-nag/custom_rules/EC2NetworkAclEntryIneffectiveDenyRule.rb CHANGED

@@ -37,7 +37,7 @@ class EC2NetworkAclEntryIneffectiveDenyRule < BaseRule
   def not_all_cidrs_covered?(nacl_entry)
     (!nacl_entry.cidrBlock.nil? &&
       nacl_entry.cidrBlock != '0.0.0.0/0') ||
-      (!nacl_entry.ipv6CidrBlock.nil? && nacl_entry.ipv6CidrBlock != '::/0')
+      (!nacl_entry.ipv6CidrBlock.nil? && (nacl_entry.ipv6CidrBlock != '::/0' && nacl_entry.ipv6CidrBlock != ':/0'))
   end
   def egress(nacl_entries)

data/lib/cfn-nag/custom_rules/EC2NetworkAclEntryOverlappingPortsRule.rb CHANGED

@@ -34,7 +34,7 @@ class EC2NetworkAclEntryOverlappingPortsRule < BaseRule
   end
   def tcp_or_udp_protocol?(entry1, entry2)
-    %w[6 17].include?(entry1.protocol) && %w[6 17].include?(entry2.protocol)
+    %w[6 17].include?(entry1.protocol.to_s) && %w[6 17].include?(entry2.protocol.to_s)
   end
   def unique_pairs(arr)

data/lib/cfn-nag/custom_rules/EC2NetworkAclEntryPortRangeRule.rb CHANGED

@@ -29,7 +29,7 @@ class EC2NetworkAclEntryPortRangeRule < BaseRule
   # Port Range is required for protocols "6" (TCP) and "17" (UDP)
   def tcp_or_udp_protocol?(network_acl_entry)
-    %w[6 17].include?(network_acl_entry.protocol)
+    %w[6 17].include?(network_acl_entry.protocol.to_s)
   end
   def port_range_params_not_exist?(network_acl_entry)
@@ -38,7 +38,7 @@ class EC2NetworkAclEntryPortRangeRule < BaseRule
   end
   def full_port_range?(network_acl_entry)
-    network_acl_entry.portRange['From'] == '0' && network_acl_entry.portRange['To'] == '65535'
+    network_acl_entry.portRange['From'].to_s == '0' && network_acl_entry.portRange['To'].to_s == '65535'
   end
   def violating_network_acl_entries?(network_acl_entry)

data/lib/cfn-nag/custom_rules/EC2NetworkAclEntryProtocolRule.rb CHANGED

@@ -42,11 +42,11 @@ class EC2NetworkAclEntryProtocolRule < BaseRule
   end
   def tcp_udp_icmp_protocol?(network_acl_entry)
-    %w[1 6 17].include?(network_acl_entry.protocol)
+    %w[1 6 17].include?(network_acl_entry.protocol.to_s)
   end
   def icmpv6_protocol?(network_acl_entry)
-    network_acl_entry.protocol == '58' && !network_acl_entry.ipv6CidrBlock.nil? &&
+    network_acl_entry.protocol.to_s == '58' && !network_acl_entry.ipv6CidrBlock.nil? &&
       !network_acl_entry.icmp.nil? && !network_acl_entry.icmp['Code'].nil? &&
       !network_acl_entry.icmp['Type'].nil?
   end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cfn-nag
 version: !ruby/object:Gem::Version
-  version: 0.5.56
+  version: 0.5.57
 platform: ruby
 authors:
 - Eric Kascic