From 73c39ed9e82eab1c4ec3c09c6f57049da1b0bb56 Mon Sep 17 00:00:00 2001 From: Tim Smith Date: Thu, 8 Aug 2024 11:06:45 -0700 Subject: [PATCH] Update core/mondoo-dockerfile-security.mql.yaml Co-authored-by: Letha Signed-off-by: Tim Smith --- core/mondoo-dockerfile-security.mql.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/mondoo-dockerfile-security.mql.yaml b/core/mondoo-dockerfile-security.mql.yaml index c3f2d1bf..6f413837 100644 --- a/core/mondoo-dockerfile-security.mql.yaml +++ b/core/mondoo-dockerfile-security.mql.yaml @@ -162,8 +162,8 @@ queries: Ensure that the `--nogpgcheck` option is not used with YUM or DNF in Dockerfile `RUN` instructions. Skipping GPG validation can expose the container to risks by allowing packages with untrusted or missing GPG signatures. remediation: | - Review the Dockerfile `RUN` instructions to ensure that YUM or DNF commands do not use the `--nogpgcheck` option. - Configure YUM or DNF to perform GPG validation to enhance the security of your container configurations. + - Review the Dockerfile `RUN` instructions to ensure that YUM or DNF commands do not use the `--nogpgcheck` option. + - Configure YUM or DNF to perform GPG validation to enhance the security of your container configurations. - uid: mondoo-docker-security-non-root-user title: Don't run containers as root user impact: 100
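Review bot: In the `remediation: |` block of the `--nogpgcheck` query, the second added bullet ("Configure YUM or DNF to perform GPG validation ...") still does not say how to do that. Since these lines are being touched anyway, consider naming the concrete setting, for example keeping `gpgcheck=1` in the YUM/DNF configuration and repo definitions, so the remediation is actionable rather than a restatement of the check. Also confirm that the two new `- ` lines sit at the same indentation as the rest of the block scalar, so they stay literal Markdown text under `remediation: |` and are not parsed as a YAML sequence. As a style point, the subject "Update core/mondoo-dockerfile-security.mql.yaml" does not say that the change only turns the two remediation sentences into a list; a subject that names the query and the formatting change would make the history easier to scan.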