mirror of https://github.com/apache/druid.git
Suppress CVEs for openstack-keystone (#9903)
CVE-2020-12689, CVE-2020-12691, and CVE-2020-12690 can be ignored for openstack-keystone as they are for the python SDK and druid uses the java SDK.
This commit is contained in:
parent
132a1c9fe7
commit
fd6fffc4b8
|
@ -53,6 +53,9 @@
|
||||||
]]></notes>
|
]]></notes>
|
||||||
<packageUrl regex="true">^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$</packageUrl>
|
<packageUrl regex="true">^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$</packageUrl>
|
||||||
<cve>CVE-2015-7546</cve>
|
<cve>CVE-2015-7546</cve>
|
||||||
|
<cve>CVE-2020-12689</cve>
|
||||||
|
<cve>CVE-2020-12690</cve>
|
||||||
|
<cve>CVE-2020-12691</cve>
|
||||||
</suppress>
|
</suppress>
|
||||||
|
|
||||||
<!-- FIXME: These are suppressed so that CI can enforce that no new vulnerable dependencies are added. -->
|
<!-- FIXME: These are suppressed so that CI can enforce that no new vulnerable dependencies are added. -->
|
||||||
|
|
Loading…
Reference in New Issue