[pulsar] branch branch-2.9 updated: [owasp] add suppression for pulsar-package-bookkeeper-storage (#13451)

Tue, 04 Jan 2022 04:33:02 -0800 

This is an automated email from the ASF dual-hosted git repository.

lhotari pushed a commit to branch branch-2.9
in repository https://gitbox.apache.org/repos/asf/pulsar.git


The following commit(s) were added to refs/heads/branch-2.9 by this push:
     new d0bdb74  [owasp] add suppression for pulsar-package-bookkeeper-storage 
(#13451)
d0bdb74 is described below

commit d0bdb74c87b03a4b712884a1c05443021e2d0b49
Author: Nicolò Boschi <[email protected]>
AuthorDate: Wed Dec 22 16:46:03 2021 +0100

    [owasp] add suppression for pulsar-package-bookkeeper-storage (#13451)
    
    (cherry picked from commit 5dd60dbd748e446f8da396b448a5bb16a2ae6902)
---
 src/owasp-dependency-check-false-positives.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/owasp-dependency-check-false-positives.xml 
b/src/owasp-dependency-check-false-positives.xml
index 28e53b5..6cc464e 100644
--- a/src/owasp-dependency-check-false-positives.xml
+++ b/src/owasp-dependency-check-false-positives.xml
@@ -33,6 +33,11 @@
     <cpe>cpe:/a:apache:zookeeper</cpe>
   </suppress>
   <suppress>
+    <notes>pulsar-package-bookkeeper-storage gets mixed with 
bookkeeper.</notes>
+    <gav regex="true">org\.apache\.pulsar:.*</gav>
+    <cpe>cpe:/a:apache:bookkeeper</cpe>
+  </suppress>
+  <suppress>
     <notes>kubernetes client doesn't contain CVE-2020-8554</notes>
     <gav regex="true">io\.kubernetes:.*</gav>
     <cve>CVE-2020-8554</cve>

Reply via email to