knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kris...@apache.org
Subject [knox] branch master updated: KNOX-2114 - Add OWASP suppression for cas-client-core
Date Sat, 09 Nov 2019 19:51:31 GMT
This is an automated email from the ASF dual-hosted git repository.

krisden pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new 426054c  KNOX-2114 - Add OWASP suppression for cas-client-core
426054c is described below

commit 426054cc93ccf3d9df1f05280fd23154139a117b
Author: Kevin Risden <krisden@apache.org>
AuthorDate: Sat Nov 9 14:44:16 2019 -0500

    KNOX-2114 - Add OWASP suppression for cas-client-core
    
    Signed-off-by: Kevin Risden <krisden@apache.org>
---
 .../main/resources/build-tools/dependency-check/suppressions.xml   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
b/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
index ebc2da7..1ee7d6e 100644
--- a/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
+++ b/build-tools/src/main/resources/build-tools/dependency-check/suppressions.xml
@@ -15,7 +15,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 -->
-<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.1.xsd">
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
     <suppress>
         <notes><![CDATA[file name: commons-net-.*.jar]]></notes>
         <gav regex="true">^commons-net:commons-net:.*$</gav>
@@ -127,6 +127,11 @@ limitations under the License.
         <cpe>cpe:/a:oracle:glassfish</cpe>
     </suppress>
     <suppress>
+        <notes><![CDATA[file name: cas-client-core.*.jar]]></notes>
+        <gav regex="true">^org\.jasig\.cas\.client:cas-client-core:.*$</gav>
+        <cwe>611</cwe>
+    </suppress>
+    <suppress>
         <notes><![CDATA[file name: apache-jsp-.*.jar]]></notes>
         <gav regex="true">^org\.mortbay\.jasper:apache-jsp:.*$</gav>
         <cpe>cpe:/a:apache:tomcat</cpe>


Mime
View raw message