This is an automated email from the ASF dual-hosted git repository.
abhishek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 97a926fb29 Suppress CVE-2022-33915 (#12740)
97a926fb29 is described below
commit 97a926fb29e7750db0836432615fd86b843edd1e
Author: Rohan Garg <[email protected]>
AuthorDate: Mon Jul 4 22:48:08 2022 +0530
Suppress CVE-2022-33915 (#12740)
---
owasp-dependency-check-suppressions.xml | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index f6e9c24076..fb8d6080d7 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -295,6 +295,13 @@
<cve>CVE-2022-23305</cve>
<cve>CVE-2022-23302</cve>
</suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: log4j-core-2.17.1.jar
+ ]]></notes>
+ <packageUrl
regex="true">^pkg:maven/org.apache.logging.log4j/[email protected]$</packageUrl>
+ <cve>CVE-2022-33915</cve>
+ </suppress>
<suppress>
<!--
- TODO: The lastest version of ambari-metrics-common is 2.7.0.0.0,
released in July 2018.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
