increase vuln expiry

hypertrace · Feb 2, 2024 · 6b39286 · 6b39286
1 parent 2ed17fb
commit 6b39286
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
@@ -67,14 +67,14 @@
     <packageUrl regex="true">^pkg:maven/org\.hypertrace\.core\.kafkastreams\.framework/avro\-partitioners@.*$</packageUrl>
     <cve>CVE-2023-37475</cve>
   </suppress>
-  <suppress until="2024-01-31Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    Not yet fixed in quartz. file name: quartz-2.3.2.jar
    ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.quartz\-scheduler/quartz@.*$</packageUrl>
     <cve>CVE-2023-39017</cve>
   </suppress>
-  <suppress until="2024-01-30Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    file name: json-20230618.jar
    ]]></notes>
@@ -102,11 +102,11 @@
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
   </suppress>
-  <suppress until="2024-01-30Z">
+  <suppress until="2024-02-29Z">
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-44487</vulnerabilityName>
   </suppress>
-  <suppress until="2024-01-31Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    This CVE (rapid RST) is already mitigated as our servers aren't directly exposed, but it's also
    addressed in 1.59.1, which the CVE doesn't reflect (not all grpc impls versions are exactly aligned).