Add configuration for check of dep vulnerabilities listed in CVE registry

author: Simon Brandhof <simon.brandhof@sonarsource.com> 2015-02-14 14:29:52 +0100
committer: Simon Brandhof <simon.brandhof@sonarsource.com> 2015-02-14 14:29:52 +0100
commit: f7f1203ed3d3183df8802357f7815e248ea6b1a2 (patch)
tree: d9361508657623da0e55f22df739a80e7b793cb9 /cve-false-positives.xml
parent: 94c01944ba8e03b3206ace25853e84094cbacfda (diff)
download: sonarqube-f7f1203ed3d3183df8802357f7815e248ea6b1a2.tar.gz
sonarqube-f7f1203ed3d3183df8802357f7815e248ea6b1a2.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/cve-false-positives.xml b/cve-false-positives.xml
new file mode 100644
index 00000000000..39a01d9e778
--- /dev/null
+++ b/cve-false-positives.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://www.owasp.org/index.php/OWASP_Dependency_Check_Suppression">
+  <suppress>
+    <notes><![CDATA[
+      file name: gson-2.3.1.jar
+      ]]></notes>
+    <sha1>ECB6E1F8E4B0E84C4B886C2F14A1500CAF309757</sha1>
+    <cpe>cpe:/a:google:v8:2.3.1</cpe>
+  </suppress>
+  <suppress>
+    <notes><![CDATA[
+   file name: geronimo-spec-jta-1.0-M1.jar
+   ]]></notes>
+    <sha1>1F01F94B5B83C33950E22CDE224868407FDF8B99</sha1>
+    <cpe>cpe:/a:apache:geronimo:1.0.m1</cpe>
+  </suppress>
+</suppressions>
author	Simon Brandhof <simon.brandhof@sonarsource.com>	2015-02-14 14:29:52 +0100
committer	Simon Brandhof <simon.brandhof@sonarsource.com>	2015-02-14 14:29:52 +0100
commit	f7f1203ed3d3183df8802357f7815e248ea6b1a2 (patch)
tree	d9361508657623da0e55f22df739a80e7b793cb9 /cve-false-positives.xml
parent	94c01944ba8e03b3206ace25853e84094cbacfda (diff)
download	sonarqube-f7f1203ed3d3183df8802357f7815e248ea6b1a2.tar.gz sonarqube-f7f1203ed3d3183df8802357f7815e248ea6b1a2.zip