You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by ab...@apache.org on 2022/09/23 10:53:43 UTC
[druid] branch master updated: Suppress Calcite CVE (#13119)
This is an automated email from the ASF dual-hosted git repository.
abhishek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 306f612f86 Suppress Calcite CVE (#13119)
306f612f86 is described below
commit 306f612f866790eb69a6e6fa365b70c542135fe4
Author: Adarsh Sanjeev <ad...@gmail.com>
AuthorDate: Fri Sep 23 16:23:26 2022 +0530
Suppress Calcite CVE (#13119)
* Suppress Calcite CVE
* Update comment
---
owasp-dependency-check-suppressions.xml | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml
index f3bb997550..e4bbe3de3a 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -632,4 +632,26 @@
<cve>CVE-2022-31197</cve>
</suppress>
+ <suppress>
+ <!-- avatica-server-1.17.0.jar -->
+ <notes><![CDATA[
+ file name: avatica-server-1.17.0.jar
+ ]]></notes>
+ <!--
+ We do not expose any of the SQL operators that were found vulnerable in this CVE.
+ -->
+ <cve>CVE-2022-39135</cve>
+ </suppress>
+
+ <suppress>
+ <!-- calcite-core-1.21.0.jar -->
+ <notes><![CDATA[
+ file name: calcite-core-1.21.0.jar
+ ]]></notes>
+ <!--
+ We do not expose any of the SQL operators that were found vulnerable in this CVE.
+ -->
+ <cve>CVE-2022-39135</cve>
+ </suppress>
+
</suppressions>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org