This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push:
new 5c4dd3b993 Remove unused suppressions
5c4dd3b993 is described below
commit 5c4dd3b99393c63c1e0c5a672f0af28361541a7a
Author: Brandon Williams <brandonwilli...@apache.org>
AuthorDate: Fri Aug 4 08:30:42 2023 -0500
Remove unused suppressions
Patch by brandonwilliams; reviewed by adelapena and edimitrova for
CASSANDRA-18724
---
.build/dependency-check-suppressions.xml | 44 --------------------------------
CHANGES.txt | 1 +
2 files changed, 1 insertion(+), 44 deletions(-)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index dead8f6120..d0a81458db 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -62,25 +62,6 @@
<cve>CVE-2023-34462</cve>
</suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-14183 -->
- <suppress>
- <packageUrl
regex="true">^pkg:maven/ch\.qos\.logback/logback\-core@.*$</packageUrl>
- <cve>CVE-2017-5929</cve>
- </suppress>
- <suppress>
- <packageUrl
regex="true">^pkg:maven/ch\.qos\.logback/logback\-classic@.*$</packageUrl>
- <cve>CVE-2017-5929</cve>
- </suppress>
-
- <!-- this was fixed in 3.0.22 -->
- <suppress>
- <packageUrl
regex="true">^pkg:maven/com\.datastax\.cassandra/cassandra\-driver\-core@.*$</packageUrl>
- <cve>CVE-2019-2684</cve>
- <cve>CVE-2020-13946</cve>
- <cve>CVE-2020-17516</cve>
- <cve>CVE-2021-44521</cve>
- </suppress>
-
<!-- https://issues.apache.org/jira/browse/CASSANDRA-14760 -->
<suppress>
<packageUrl
regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
@@ -89,24 +70,6 @@
<cve>CVE-2023-2976</cve>
</suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-18146 -->
- <suppress>
- <packageUrl
regex="true">^pkg:maven/org\.apache\.commons.*$</packageUrl>
- <cve>CVE-2021-37533</cve>
- </suppress>
- <suppress>
- <packageUrl regex="true">^pkg:maven/commons-io/.*$</packageUrl>
- <cve>CVE-2021-37533</cve>
- </suppress>
- <suppress>
- <packageUrl regex="true">^pkg:maven/commons-cli/.*$</packageUrl>
- <cve>CVE-2021-37533</cve>
- </suppress>
- <suppress>
- <packageUrl regex="true">^pkg:maven/commons-codec/.*$</packageUrl>
- <cve>CVE-2021-37533</cve>
- </suppress>
-
<!-- https://issues.apache.org/jira/browse/CASSANDRA-16606 -->
<suppress>
<packageUrl
regex="true">^pkg:maven/org\.apache\.thrift/libthrift@.*$</packageUrl>
@@ -142,12 +105,5 @@
<cve>CVE-2019-16335</cve>
<cve>CVE-2019-17267</cve>
</suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-18630 -->
- <suppress>
- <packageUrl
regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
- <cve>CVE-2023-35116</cve>
- <cve>CVE-2022-42003</cve>
- <cve>CVE-2022-42004</cve>
- </suppress>
</suppressions>
diff --git a/CHANGES.txt b/CHANGES.txt
index fbe5e0751b..697262750a 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.0.30
+ * Remove unused suppressions (CASSANDRA-18724)
* Upgrade OWASP to 8.3.1 (CASSANDRA-18650)
* Suppress CVE-2023-34462 (CASSANDRA-18649)
* Add support for AWS Ec2 IMDSv2 (CASSANDRA-16555)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
