Suppresses vulnerability alert for OVal

commit: 67900147e851763a83747abaf69b9a870451836d [log] [tgz]
author: Lukasz Lenart <lukaszlenart@apache.org> Sat May 16 06:19:42 2020 +0200
committer: Lukasz Lenart <lukaszlenart@apache.org> Sat May 16 06:19:42 2020 +0200
tree: e27293f9f02f0771f02342558994c60ffd61b6d6
parent: d6bfd308906e0f000a494f6207fba0e2e0038921 [diff]
diff --git a/src/etc/project-suppression.xml b/src/etc/project-suppression.xml
index c3016de..f00cc85 100644
--- a/src/etc/project-suppression.xml
+++ b/src/etc/project-suppression.xml

@@ -148,4 +148,9 @@
         <packageUrl regex="true">^pkg:maven/org\.codehaus\.plexus/plexus\-utils@.*$</packageUrl>
         <vulnerabilityName>Possible XML Injection</vulnerabilityName>
     </suppress>
+    <suppress>
+        <notes><![CDATA[file name: oval-1.90.jar]]></notes>
+        <packageUrl regex="true">^pkg:maven/net\.sf\.oval/oval@1\.90$</packageUrl>
+        <vulnerabilityName>Vulnerable transitive dependencies</vulnerabilityName>
+    </suppress>
 </suppressions>
\ No newline at end of file
commit	67900147e851763a83747abaf69b9a870451836d	[log] [tgz]
author	Lukasz Lenart <lukaszlenart@apache.org>	Sat May 16 06:19:42 2020 +0200
committer	Lukasz Lenart <lukaszlenart@apache.org>	Sat May 16 06:19:42 2020 +0200
tree	e27293f9f02f0771f02342558994c60ffd61b6d6
parent	d6bfd308906e0f000a494f6207fba0e2e0038921 [diff]