From 05faab6cbcb3a7f321b02ce2569fd34ad377a151 Mon Sep 17 00:00:00 2001
From: manuelsommer <47991713+manuel-sommer@users.noreply.github.com>
Date: Fri, 18 Oct 2024 22:33:15 +0200
Subject: [PATCH] :tada: ADD ELSA errata (#11069)

* :tada: ADD ELSA errata

* ruff

* rebase
---
 dojo/settings/.settings.dist.py.sha256sum | 2 +-
 dojo/settings/settings.dist.py            | 1 +
 dojo/templatetags/display_tags.py         | 2 ++
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum
index b26b379a22c..476d3116d4e 100644
--- a/dojo/settings/.settings.dist.py.sha256sum
+++ b/dojo/settings/.settings.dist.py.sha256sum
@@ -1 +1 @@
-4d3e91f176b73278750dc2f46d27cd4fe2b47d24682ad06d6267880bbdec599c
+42026ac47884ee26fe742e59fb7dc621b5f927ee6ee3c92daf09b97f2a740163
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index 39e033010db..1493afadd9d 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1735,6 +1735,7 @@ def saml2_attrib_map_format(dict):
     "ALSA": "https://osv.dev/vulnerability/",  # e.g. https://osv.dev/vulnerability/ALSA-2024:0827
     "USN": "https://ubuntu.com/security/notices/",  # e.g. https://ubuntu.com/security/notices/USN-6642-1
     "DLA": "https://security-tracker.debian.org/tracker/",  # e.g. https://security-tracker.debian.org/tracker/DLA-3917-1
+    "ELSA": "https://linux.oracle.com/errata/&&.html",  # e.g. https://linux.oracle.com/errata/ELSA-2024-12714.html
 }
 # List of acceptable file types that can be uploaded to a given object via arbitrary file upload
 FILE_UPLOAD_TYPES = env("DD_FILE_UPLOAD_TYPES")
diff --git a/dojo/templatetags/display_tags.py b/dojo/templatetags/display_tags.py
index e00603f9eec..7b634febf63 100644
--- a/dojo/templatetags/display_tags.py
+++ b/dojo/templatetags/display_tags.py
@@ -780,6 +780,8 @@ def vulnerability_url(vulnerability_id):
 
     for key in settings.VULNERABILITY_URLS:
         if vulnerability_id.upper().startswith(key):
+            if "&&" in settings.VULNERABILITY_URLS[key]:
+                return settings.VULNERABILITY_URLS[key].split("&&")[0] + str(vulnerability_id) + settings.VULNERABILITY_URLS[key].split("&&")[1]
             return settings.VULNERABILITY_URLS[key] + str(vulnerability_id)
     return ""