This is an automated email from the ASF dual-hosted git repository.
cwylie pushed a commit to branch 31.0.1
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/31.0.1 by this push:
new 1a162cd735f suppress kafka cve for ranger extension (#17531) (#17532)
1a162cd735f is described below
commit 1a162cd735fb463125301ac73bf42a12fff02e32
Author: Clint Wylie <[email protected]>
AuthorDate: Tue Dec 3 11:59:18 2024 -0800
suppress kafka cve for ranger extension (#17531) (#17532)
---
owasp-dependency-check-suppressions.xml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index 8168a2cf58c..3c634a0df35 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -182,13 +182,15 @@
</suppress>
+ <!-- apache ranger extension kafka dependency -->
<suppress>
<notes><![CDATA[
- file name: kafka-clients-3.2.0.jar
+ file name: kafka-clients-2.8.1.jar
]]></notes>
<packageUrl
regex="true">^pkg:maven/org\.apache\.kafka/kafka\-clients@.*$</packageUrl>
<cve>CVE-2022-34917</cve>
<cve>CVE-2023-25194</cve>
+ <cve>CVE-2024-31141</cve>
</suppress>
<suppress>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
