Update bdba yaml for x-net component in caddy and otelcol-contrib (open-edge-platform#49)

bunnichx · web-flow · commit 668cb53b47af · 2025-04-09T00:41:08.000+08:00
For CVE-2025-22870, Update x-net component to false positive both in caddy and otelcol-contrib specs.
diff --git a/SPECS/caddy/.bdba.yaml b/SPECS/caddy/.bdba.yaml
@@ -210,3 +210,11 @@ overrides:
   forceVersion: true
   files:
   - path: usr/bin/caddy
+  vulnerabilityTriages:
+- component:
+    name: x-net
+  triages:
+  - cve: CVE-2025-22870
+    resolution: FalsePositive
+    comment: "x-net component is not using httpproxy but using httpguts"
+
diff --git a/SPECS/otelcol-contrib/.bdba.yaml b/SPECS/otelcol-contrib/.bdba.yaml
@@ -30,3 +30,11 @@ overrides:
   forceVersion: true
   files:
   - path: usr/bin/otelcol-contrib
+  vulnerabilityTriages:
+- component:
+    name: x-net
+  triages:
+  - cve: CVE-2025-22870
+    resolution: FalsePositive
+    comment: "x-net component is not using httpproxy"
+
