Suppress CVEs for openstack-keystone (#9903)

CVE-2020-12689, CVE-2020-12691, and CVE-2020-12690 can be ignored for
openstack-keystone as they are for the python SDK and druid uses the
java SDK.
This commit is contained in:
Chi Cao Minh 2020-05-22 10:32:17 -07:00 committed by GitHub
parent 132a1c9fe7
commit fd6fffc4b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions

View File

@ -53,6 +53,9 @@
]]></notes> ]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$</packageUrl> <packageUrl regex="true">^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$</packageUrl>
<cve>CVE-2015-7546</cve> <cve>CVE-2015-7546</cve>
<cve>CVE-2020-12689</cve>
<cve>CVE-2020-12690</cve>
<cve>CVE-2020-12691</cve>
</suppress> </suppress>
<!-- FIXME: These are suppressed so that CI can enforce that no new vulnerable dependencies are added. --> <!-- FIXME: These are suppressed so that CI can enforce that no new vulnerable dependencies are added. -->