From 4f0375066a6aa55181960448e2750dcadf00cadd Mon Sep 17 00:00:00 2001
From: sd234678 <48051938+sd234678@users.noreply.github.com>
Date: Fri, 12 Jan 2024 09:52:41 +0000
Subject: [PATCH] Update vulnerability whitelist to include new CVE in zlib exceptions

---
 .last-exported-commit | 2 +-
 vulnerability-whitelist.toml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.last-exported-commit b/.last-exported-commit
index 31e19e0..0223d51 100644
--- a/.last-exported-commit
+++ b/.last-exported-commit
@@ -1 +1 @@
-Last exported commit from parent repo: 7e86c3a08ceba201c906c5f28e28f3f87ccc4684
\ No newline at end of file
+Last exported commit from parent repo: c5579676c0a22df265d5072e1f16d25c2fa17463
\ No newline at end of file
diff --git a/vulnerability-whitelist.toml b/vulnerability-whitelist.toml
index 738768a..9e5991c 100644
--- a/vulnerability-whitelist.toml
+++ b/vulnerability-whitelist.toml
@@ -179,9 +179,9 @@ cve = ["CVE-2022-3064", "CVE-2021-4235", "CVE-2023-2251"]
 comment = "CVEs refer to other things called yaml, not this haskell package."
 
 ["zlib-0.6.3.0"]
-cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853"]
+cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992"]
 comment = "Actual zlib dependency is already on a patched version; this version is a haskell library."
 
 ["zlib-1.2.12"]
-cve = ["CVE-2022-37434", "CVE-2023-45853"]
+cve = ["CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992"]
 comment = "We do not call the affected code with untrusted data."
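Review bot: The `comment` under `["zlib-1.2.12"]` ("We do not call the affected code with untrusted data.") is left unchanged while `CVE-2023-6992` is appended to `cve`, so the suppression for the new ID has no recorded rationale. The same applies to `["zlib-0.6.3.0"]`, whose comment says the real zlib is "already on a patched version" without naming what it is patched against. The listed IDs do not all concern the same zlib code path, so a later auditor cannot tell whether the new entry was analysed or only added to quiet the scanner. I would extend the comment per ID, e.g. `comment = "CVE-2022-37434, CVE-2023-45853: affected code is not called with untrusted data. CVE-2023-6992: <reason it does not apply to our zlib build>."`. As far as I recall, that advisory is filed against a fork of zlib rather than the upstream library; if confirmed, that is the reason to record, and it is a different justification from the one the entry carries now.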