[druid] branch master updated: Suppress CVE-2022-1471 from snakeyaml (#13557)

karan Thu, 15 Dec 2022 08:10:23 -0800

This is an automated email from the ASF dual-hosted git repository.

karan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git



The following commit(s) were added to refs/heads/master by this push:
     new 431a1195ca Suppress CVE-2022-1471 from snakeyaml (#13557)
431a1195ca is described below

commit 431a1195cae61edac03e6ed5aaeb73c736bd0ea5
Author: Kashif Faraz <[email protected]>
AuthorDate: Thu Dec 15 21:39:14 2022 +0530

    Suppress CVE-2022-1471 from snakeyaml (#13557)
    
    * Upgrade kube client to 17.0.0
    
    * Remove snakeyaml CVE suppression
    
    * Update licenses.yaml
    
    * Revert changes and suppress cve
---
 owasp-dependency-check-suppressions.xml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/owasp-dependency-check-suppressions.xml 
b/owasp-dependency-check-suppressions.xml
index a09ed507cc..4f6f70a8f1 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -244,6 +244,7 @@
     file name: snakeyaml-1.27.jar
     ]]></notes>
     <cve>CVE-2022-25857</cve>
+    <cve>CVE-2022-1471</cve>
   </suppress>
   <suppress>
     <notes><![CDATA[


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[druid] branch master updated: Suppress CVE-2022-1471 from snakeyaml (#13557)

Reply via email to