This is an automated email from the ASF dual-hosted git repository.
karan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 1cc9bc9af9 Suppress CVE-2022-45685 and CVE-2022-45693 from
jettison-1.3 (#13585)
1cc9bc9af9 is described below
commit 1cc9bc9af9ca7c5697a2e8d6fbd4e0cc1164da5c
Author: Kashif Faraz <[email protected]>
AuthorDate: Fri Dec 16 22:56:30 2022 +0530
Suppress CVE-2022-45685 and CVE-2022-45693 from jettison-1.3 (#13585)
---
owasp-dependency-check-suppressions.xml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index 4f6f70a8f1..79063189d2 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -228,6 +228,8 @@
<packageUrl
regex="true">^pkg:maven/org\.codehaus\.jettison/jettison@1.*$</packageUrl>
<cve>CVE-2022-40149</cve>
<cve>CVE-2022-40150</cve>
+ <cve>CVE-2022-45685</cve>
+ <cve>CVE-2022-45693</cve>
</suppress>
<suppress>
<!-- TODO: Fix by using com.datastax.oss:java-driver-core instead of
com.netflix.astyanax:astyanax in extensions-contrib/cassandra-storage -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
