Skip to content

Commit

Permalink
Added a suppression for derby database, since we do not use LDAP, we …
Browse files Browse the repository at this point in the history
…are fine (#1038)
  • Loading branch information
sparkhi authored Jan 4, 2024
1 parent 1eb2432 commit 07c8318
Show file tree
Hide file tree
Showing 9 changed files with 28 additions and 420 deletions.
49 changes: 0 additions & 49 deletions droid-api/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-core-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
</suppressions>

50 changes: 4 additions & 46 deletions droid-binary/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<suppress>
<notes><![CDATA[
file name: spring-core-5.3.20.jar
file name: derby-10.13.1.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
<packageUrl regex="true">^pkg:maven/org\.apache\.derby/derby@.*$</packageUrl>
<cve>CVE-2022-46337</cve>
</suppress>
</suppressions>

50 changes: 4 additions & 46 deletions droid-command-line/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<suppress>
<notes><![CDATA[
file name: spring-core-5.3.20.jar
file name: derby-10.13.1.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
<packageUrl regex="true">^pkg:maven/org\.apache\.derby/derby@.*$</packageUrl>
<cve>CVE-2022-46337</cve>
</suppress>
</suppressions>

50 changes: 4 additions & 46 deletions droid-export/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<suppress>
<notes><![CDATA[
file name: spring-core-5.3.20.jar
file name: derby-10.13.1.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
<packageUrl regex="true">^pkg:maven/org\.apache\.derby/derby@.*$</packageUrl>
<cve>CVE-2022-46337</cve>
</suppress>
</suppressions>

49 changes: 0 additions & 49 deletions droid-parent/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-core-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
</suppressions>

50 changes: 4 additions & 46 deletions droid-report-interfaces/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,52 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<suppress>
<notes><![CDATA[
file name: spring-core-5.3.20.jar
file name: derby-10.13.1.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
<packageUrl regex="true">^pkg:maven/org\.apache\.derby/derby@.*$</packageUrl>
<cve>CVE-2022-46337</cve>
</suppress>
</suppressions>
50 changes: 4 additions & 46 deletions droid-report/dependency-check/suppressions.xml
Original file line number Diff line number Diff line change
@@ -1,53 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2022-10-01Z">
<suppress>
<notes><![CDATA[
file name: spring-core-5.3.20.jar
file name: derby-10.13.1.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-core@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-tx-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-tx@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-aop-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-aop@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-jdbc-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-jdbc@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-beans-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-beans@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-context-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-context@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress until="2022-10-01Z">
<notes><![CDATA[
file name: spring-expression-5.3.20.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring\-expression@.*$</packageUrl>
<cve>CVE-2016-1000027</cve>
<packageUrl regex="true">^pkg:maven/org\.apache\.derby/derby@.*$</packageUrl>
<cve>CVE-2022-46337</cve>
</suppress>
</suppressions>

Loading

0 comments on commit 07c8318

Please sign in to comment.