This is an automated email from the ASF dual-hosted git repository.
abhishek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 6bcb778eeb Add CVEs for Hadoop3 (#12336)
6bcb778eeb is described below
commit 6bcb778eeb619c7d41c14e635e3dd6655dfd0599
Author: AmatyaAvadhanula <[email protected]>
AuthorDate: Wed Jun 22 14:12:17 2022 +0530
Add CVEs for Hadoop3 (#12336)
* Add CVEs
* Move CVEs under hadoop3 section
---
owasp-dependency-check-suppressions.xml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index 6017967fac..f6e9c24076 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -347,9 +347,13 @@
<notes><![CDATA[
file name: hadoop-*-3.3.1.jar
]]></notes>
- <packageUrl
regex="true">^pkg:maven/org\.apache\.hadoop/hadoop\-.*@.*$</packageUrl>
<cve>CVE-2018-11765</cve>
<cve>CVE-2020-9492</cve>
+ <cve>CVE-2021-31684</cve>
+ <cve>CVE-2021-35517</cve>
+ <cve>CVE-2021-35516</cve>
+ <cve>CVE-2021-35515</cve>
+ <cve>CVE-2021-36090</cve>
</suppress>
<suppress>
<!-- The CVE is not applicable to kafka-clients. -->
@@ -469,6 +473,8 @@
<cve>CVE-2019-16335</cve>
<cve>CVE-2019-14893</cve>
<cve>CVE-2019-14540</cve>
+ <cve>CVE-2021-37136</cve>
+ <cve>CVE-2021-37137</cve>
</suppress>
<suppress>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
