Remove outdated suppression for CVE-2023-3635

author: Albin <albin@mullvad.net> 2024-06-07 10:46:22 +0200
committer: Albin <albin@mullvad.net> 2024-06-07 11:28:37 +0200
commit: 33be62329b449c54cef482c6578fb0b0bc92dc72 (patch)
tree: 7cac8641bad425f31b99ee82780e51981a135414 /android
parent: 7d761d2600787d373639abe5e20ed51805880cd8 (diff)
download: mullvadvpn-33be62329b449c54cef482c6578fb0b0bc92dc72.tar.xz
mullvadvpn-33be62329b449c54cef482c6578fb0b0bc92dc72.zip
2 files changed, 0 insertions, 20 deletions
diff --git a/android/config/dependency-check-suppression.xml b/android/config/dependency-check-suppression.xml
index c7fd525968..cfc9a57563 100644
--- a/android/config/dependency-check-suppression.xml
+++ b/android/config/dependency-check-suppression.xml
@@ -8,16 +8,6 @@
         <packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-stdlib.*@.*$</packageUrl>
         <cve>CVE-2022-24329</cve>
     </suppress>
-    <suppress until="2024-06-01Z">
-        <notes><![CDATA[
-        This CVE only affect the leakCanary build type which is limited to memory leak testing etc.
-        This will most likely be solved by bumping to a future version of the leakcanary dependency
-        where a fixed version of okio is used.
-        https://nvd.nist.gov/vuln/detail/CVE-2023-3635
-        ]]></notes>
-        <packageUrl regex="true">^pkg:maven/com\.squareup\.okio/okio@.*$</packageUrl>
-        <cve>CVE-2023-3635</cve>
-    </suppress>
     <suppress until="2024-09-01Z">
         <notes><![CDATA[
           This CVE only affect programs using loadXML and is derived from using ksp.
diff --git a/android/test/test-suppression.xml b/android/test/test-suppression.xml
index 2e379e9062..ef8f8c4702 100644
--- a/android/test/test-suppression.xml
+++ b/android/test/test-suppression.xml
@@ -1,15 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
-    <suppress until="2024-06-01Z">
-        <notes><![CDATA[
-        This CVE only affect the leakCanary build type which is limited to memory leak testing etc.
-        This will most likely be solved by bumping to a future version of the leakcanary dependency
-        where a fixed version of okio is used.
-        https://nvd.nist.gov/vuln/detail/CVE-2023-3635
-        ]]></notes>
-        <packageUrl regex="true">^pkg:maven/com\.squareup\.okio/okio.*@.*$</packageUrl>
-        <cve>CVE-2023-3635</cve>
-    </suppress>
     <suppress until="2024-09-01Z">
         <notes><![CDATA[
             False-positive related to Drupal rather than Android development.
author	Albin <albin@mullvad.net>	2024-06-07 10:46:22 +0200
committer	Albin <albin@mullvad.net>	2024-06-07 11:28:37 +0200
commit	33be62329b449c54cef482c6578fb0b0bc92dc72 (patch)
tree	7cac8641bad425f31b99ee82780e51981a135414 /android
parent	7d761d2600787d373639abe5e20ed51805880cd8 (diff)
download	mullvadvpn-33be62329b449c54cef482c6578fb0b0bc92dc72.tar.xz mullvadvpn-33be62329b449c54cef482c6578fb0b0bc92dc72.zip