You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/03/10 08:19:10 UTC

[GitHub] [pulsar] eolivelli edited a comment on pull request #14630: [owasp] Suppress ZooKeeper 3.8.0 vulnerabilities

eolivelli edited a comment on pull request #14630:
URL: https://github.com/apache/pulsar/pull/14630#issuecomment-1063786744


   in the ZK project we added these exclusions due to false positives:
   https://github.com/apache/zookeeper/commit/3004c909b78b3056985c8e39925e14bde3baa430
   
   ```
   <suppress>
         <!-- Seems like false positives about zookeeper-jute -->
         <cve>CVE-2021-29425</cve>
         <cve>CVE-2021-28164</cve>
         <cve>CVE-2021-34429</cve>
      </suppress>
   ```
   
   So it is fine to add the same exclusions here


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org