diff options
| author | Albin <albin@mullvad.net> | 2023-05-03 08:25:48 +0200 |
|---|---|---|
| committer | Albin <albin@mullvad.net> | 2023-05-03 08:25:50 +0200 |
| commit | 9114da9bf353d2ec05ab6dfcd9a630155cfde226 (patch) | |
| tree | 574f0368f74e8a3ca4145ab66fffa425467451fc /android | |
| parent | badfee5d8d8ca9c232842d8afee23eeb601ab846 (diff) | |
| download | mullvadvpn-9114da9bf353d2ec05ab6dfcd9a630155cfde226.tar.xz mullvadvpn-9114da9bf353d2ec05ab6dfcd9a630155cfde226.zip | |
Push suppression review date
New review date: 2023-06-01
Diffstat (limited to 'android')
| -rw-r--r-- | android/config/dependency-check-suppression.xml | 14 | ||||
| -rw-r--r-- | android/test/test-suppression.xml | 12 |
2 files changed, 13 insertions, 13 deletions
diff --git a/android/config/dependency-check-suppression.xml b/android/config/dependency-check-suppression.xml index 95ac0f85c8..ef18e06c2a 100644 --- a/android/config/dependency-check-suppression.xml +++ b/android/config/dependency-check-suppression.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. @@ -10,7 +10,7 @@ <packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-lite@.*$</packageUrl> <cve>CVE-2021-22569</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. @@ -20,7 +20,7 @@ <packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-lite@.*$</packageUrl> <cve>CVE-2022-3171</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE affects the Apache Commons Net's FTP client that this app doesn't use. https://www.openwall.com/lists/oss-security/2022/12/03/1 @@ -35,7 +35,7 @@ <packageUrl regex="true">^pkg:maven/commons\-.*/commons\-.*@.*$</packageUrl> <cve>CVE-2021-37533</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. @@ -45,7 +45,7 @@ <packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl> <cve>CVE-2020-8908</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. @@ -55,7 +55,7 @@ <packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl> <cve>CVE-2020-8908</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. @@ -65,7 +65,7 @@ <packageUrl regex="true">^pkg:maven/org\.jsoup/jsoup@.*$</packageUrl> <cve>CVE-2021-37714</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic checks and tracking externally. diff --git a/android/test/test-suppression.xml b/android/test/test-suppression.xml index 2b57bc13e8..1a3614b6a9 100644 --- a/android/test/test-suppression.xml +++ b/android/test/test-suppression.xml @@ -4,7 +4,7 @@ CVEs in the e2e project are deemed less severe than CVEs in the main projects as CVEs in the e2e project doesn't affect release or debug versions of the app. --> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE is tracked externally and is therefore suppressed in the automatic audit checks. ]]></notes> @@ -14,7 +14,7 @@ <cve>CVE-2022-3510</cve> <cve>CVE-2021-22569</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ These CVEs affects the Apache Commons Net's FTP client that this app doesn't use. https://www.openwall.com/lists/oss-security/2022/12/03/1 @@ -29,7 +29,7 @@ <packageUrl regex="true">^pkg:maven/commons\-.*/commons\-.*@.*$</packageUrl> <cve>CVE-2021-37533</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE is tracked externally and is therefore suppressed in the automatic audit checks. https://nvd.nist.gov/vuln/detail/CVE-2021-29425 @@ -39,7 +39,7 @@ <packageUrl regex="true">^pkg:maven/commons\-io/commons\-io@.*$</packageUrl> <cve>CVE-2021-29425</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ These CVEs are tracked externally and is therefore suppressed in the automatic audit checks. ]]></notes> @@ -54,7 +54,7 @@ <cve>CVE-2022-41881</cve> <cve>CVE-2022-41915</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE is tracked externally and is therefore suppressed in the automatic audit checks. https://nvd.nist.gov/vuln/detail/CVE-2022-25647 @@ -64,7 +64,7 @@ <packageUrl regex="true">^pkg:maven/com\.google\.code\.gson/gson@.*$</packageUrl> <cve>CVE-2022-25647</cve> </suppress> - <suppress until="2023-05-01Z"> + <suppress until="2023-06-01Z"> <notes><![CDATA[ This CVE only affect Multiplatform Gradle Projects, which this project is not. https://nvd.nist.gov/vuln/detail/CVE-2022-24329 |