Skip to content

Commit

Permalink
Update vulnerability whitelist to include new CVE in zlib exceptions
Browse files Browse the repository at this point in the history
  • Loading branch information
@sd234678
sd234678 committed Jan 12, 2024
1 parent 323be8a commit 4f03750
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .last-exported-commit
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
Last exported commit from parent repo: 7e86c3a08ceba201c906c5f28e28f3f87ccc4684
Last exported commit from parent repo: c5579676c0a22df265d5072e1f16d25c2fa17463
4 changes: 2 additions & 2 deletions vulnerability-whitelist.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,9 +179,9 @@ cve = ["CVE-2022-3064", "CVE-2021-4235", "CVE-2023-2251"]
comment = "CVEs refer to other things called yaml, not this haskell package."

["zlib-0.6.3.0"]
cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853"]
cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992"]
comment = "Actual zlib dependency is already on a patched version; this version is a haskell library."

["zlib-1.2.12"]
cve = ["CVE-2022-37434", "CVE-2023-45853"]
cve = ["CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992"]
comment = "We do not call the affected code with untrusted data."

0 comments on commit 4f03750

Please sign in to comment.