Skip to content

Commit 73c93e1

Browse files
trasktrask
committed
Suppress CVEs from Netty
1 parent 0360bbd commit 73c93e1

File tree

6 files changed

+69
-0
lines changed

6 files changed

+69
-0
lines changed

azure-application-insights-spring-boot-starter/dependency-check-suppressions.xml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,4 +40,13 @@
4040
<packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-core@.*$</packageUrl>
4141
<cve>CVE-2019-10072</cve>
4242
</suppress>
43+
<suppress>
44+
<notes><![CDATA[
45+
file name: grpc-netty-shaded-1.24.0.jar
46+
]]></notes>
47+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
48+
<cve>CVE-2014-3488</cve>
49+
<cve>CVE-2015-2156</cve>
50+
<cve>CVE-2019-16869</cve>
51+
</suppress>
4352
</suppressions>

collectd/dependency-check-suppressions.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: grpc-netty-shaded-1.24.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
8+
<cve>CVE-2014-3488</cve>
9+
<cve>CVE-2015-2156</cve>
10+
<cve>CVE-2019-16869</cve>
11+
</suppress>
12+
</suppressions>

core/dependency-check-suppressions.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: grpc-netty-shaded-1.24.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
8+
<cve>CVE-2014-3488</cve>
9+
<cve>CVE-2015-2156</cve>
10+
<cve>CVE-2019-16869</cve>
11+
</suppress>
12+
</suppressions>

logging/log4j1_2/dependency-check-suppressions.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: grpc-netty-shaded-1.24.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
8+
<cve>CVE-2014-3488</cve>
9+
<cve>CVE-2015-2156</cve>
10+
<cve>CVE-2019-16869</cve>
11+
</suppress>
12+
</suppressions>

logging/log4j2/dependency-check-suppressions.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: grpc-netty-shaded-1.24.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
8+
<cve>CVE-2014-3488</cve>
9+
<cve>CVE-2015-2156</cve>
10+
<cve>CVE-2019-16869</cve>
11+
</suppress>
12+
</suppressions>

logging/logback/dependency-check-suppressions.xml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: grpc-netty-shaded-1.24.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-netty\-shaded@.*$</packageUrl>
8+
<cve>CVE-2014-3488</cve>
9+
<cve>CVE-2015-2156</cve>
10+
<cve>CVE-2019-16869</cve>
11+
</suppress>
12+
</suppressions>

0 commit comments

Comments
 (0)