Posted to commits@knox.apache.org by kr...@apache.org on 2019/11/09 19:46:50 UTC

[knox] branch master updated: KNOX-2098 - OWASP Add Nov 2019 suppressions for false positives (#184)

This is an automated email from the ASF dual-hosted git repository.

krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new 7ff6a92  KNOX-2098 - OWASP Add Nov 2019 suppressions for false positives (#184)
7ff6a92 is described below

commit 7ff6a927e792ae32e24b3c6a10688aba598812e3
Author: Kevin Risden <ri...@users.noreply.github.com>
AuthorDate: Sat Nov 9 14:46:43 2019 -0500

    KNOX-2098 - OWASP Add Nov 2019 suppressions for false positives (#184)
    
    Signed-off-by: Kevin Risden <kr...@apache.org>
---
 .../build-tools/dependency-check/suppressions.xml     | 19 +++++++++++++++++++
 pom.xml                                               |  5 +++++
 2 files changed, 24 insertions(+)

diff --git a/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml b/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
index e97a901..ebc2da7 100644
--- a/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
+++ b/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
@@ -22,11 +22,28 @@ limitations under the License.
         <cpe>cpe:/a:echo_project:echo</cpe>
     </suppress>
     <suppress>
+        <notes><![CDATA[file name: cloudera-manager-api-swagger.*.jar]]></notes>
+        <gav regex="true">^com\.cloudera\.api\.swagger:cloudera-manager-api-swagger:.*$</gav>
+        <cpe>cpe:/a:cloudera:cloudera_manager</cpe>
+        <cpe>cpe:/a:cloudera:manager</cpe>
+        <cpe>cpe:/a:swagger:swagger-codegen</cpe>
+    </suppress>
+    <suppress>
         <notes><![CDATA[file name: amqp-client-.*.jar]]></notes>
         <gav regex="true">^com\.rabbitmq:amqp-client:.*$</gav>
         <cpe>cpe:/a:pivotal_software:rabbitmq</cpe>
     </suppress>
     <suppress>
+        <notes><![CDATA[file name: forbiddenapis.*.jar]]></notes>
+        <gav regex="true">^de\.thetaphi:forbiddenapis:.*$</gav>
+        <cpe>cpe:/a:gradle:gradle</cpe>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[file name: netty-*.Final.jar]]></notes>
+        <gav regex="true">^io\.netty:netty:.*$</gav>
+        <cve>CVE-2019-16869</cve>
+    </suppress>
+    <suppress>
         <notes><![CDATA[file name: javax.jws-api-.*.jar]]></notes>
         <gav regex="true">^javax\.jws:javax\.jws-api:.*$</gav>
         <cpe>cpe:/a:oracle:glassfish</cpe>
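Review bot: The netty suppression that ends at `<cve>CVE-2019-16869</cve>` is unbounded and unjustified: the gav regex `^io\.netty:netty:.*$` matches every version of the artifact, there is no `until` date, and the `<notes>` record only a file name. The neighbouring entries suppress a mis-identified CPE, but this one silences a specific request-smuggling CVE in Netty's HTTP decoder, so the reason it is judged not to apply to this artifact line should be written down, e.g. `<notes><![CDATA[file name: netty-.*.Final.jar; CVE-2019-16869 judged not applicable to this netty artifact line, re-verify on any netty upgrade]]></notes>` (also making the notes pattern consistent with the `.*` style used by the other entries). If the suppression schema declared on the root element supports it, add `until="2020-05-01Z"` to the `<suppress>` so the finding resurfaces for review rather than staying hidden indefinitely. The enclosing `<suppressions>` root starts outside the hunk.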
@@ -58,6 +75,7 @@ limitations under the License.
         <cpe>cpe:/a:apache:hbase</cpe>
         <cpe>cpe:/a:apache:hive</cpe>
         <cpe>cpe:/a:apache:http_server</cpe>
+        <cpe>cpe:/a:apache:impala</cpe>
         <cpe>cpe:/a:apache:nifi</cpe>
         <cpe>cpe:/a:apache:shiro</cpe>
         <cpe>cpe:/a:apache:storm</cpe>
@@ -100,6 +118,7 @@ limitations under the License.
     <suppress>
         <notes><![CDATA[file name: ha-api-.*.jar]]></notes>
         <gav regex="true">^org\.glassfish\.ha:ha-api:.*$</gav>
+        <cpe>cpe:/a:eclipse:eclipse_ide</cpe>
         <cpe>cpe:/a:oracle:glassfish</cpe>
     </suppress>
     <suppress>
diff --git a/pom.xml b/pom.xml
index c52a6f5..5ce19c1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2082,6 +2082,11 @@
                 <version>${spring-core.version}</version>
             </dependency>
             <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-orm</artifactId>
+                <version>${spring-core.version}</version>
+            </dependency>
+            <dependency>
                 <groupId>org.dom4j</groupId>
                 <artifactId>dom4j</artifactId>
                 <version>${dom4j.version}</version>
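Review bot: The new `spring-orm` dependencyManagement entry carries no comment and is not mentioned in the commit message, which speaks only of suppressions; presumably it forces a transitive `spring-orm` that was being resolved at an older, flagged version onto `${spring-core.version}`, but a later maintainer cleaning up Spring dependencies has no way to know that from the pom. Add a one-line comment above the `<dependency>`, e.g. `<!-- managed so a transitive spring-orm resolves to spring-core.version (dependency-check finding, KNOX-2098) -->`. Keeping every spring-* artifact on the single property is the right approach, since mixed Spring module versions are a frequent source of stale CVE hits.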