Skip to content

Commit

Permalink
Silent OSV on quic-go bump
Browse files Browse the repository at this point in the history 
There is nothing we can do on our and, we have to
wait for Caddy releases:
caddyserver/caddy#6210

Silent for a week to keep it under scrutinity.

Part of: request #37550 github.com/quic-go/quic-go 0.40.1 -> 0.42

Change-Id: Idf6d1af4ba83b0a1941c2a7c67e2bf42773058f4
  • Loading branch information
@vaceletm
vaceletm committed Apr 3, 2024
1 parent 01b5d33 commit d5a09fc
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions tools/utils/osv-scanner/config.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,3 +86,10 @@ reason = "@vue/component-compiler-utils will be removed when the Vue 2 migration
id = "GO-2024-2631" # CVE-2024-28180
reason = "No JWE in Tuleap use case and upstreams need to sort out the issue in their dep trees."
ignoreUntil = 2024-05-19

## github.com/quic-go/quic-go
[[IgnoredVulns]]
id = "GHSA-c33x-xqrf-c478" # CVE-2024-22189
# https://github.com/caddyserver/caddy/issues/6210
reason = "Wait for new Caddy release"
ignoreUntil = 2024-04-10

0 comments on commit d5a09fc

Please sign in to comment.