From 9194d8c6e106ba0329e7171c9979339df3816636 Mon Sep 17 00:00:00 2001
From: Glenn Walbran <glennw@catalyst.net.nz>
Date: Tue, 12 Mar 2024 15:35:45 +1300
Subject: [PATCH] Update jdom2 2.0.6 -> 2.0.6.1

jdom 2.0.6 contains vulnerability
https://avd.aquasec.com/nvd/2021/cve-2021-33813/

version 2.0.6.1 has been released to address this.
---
 netcdf-java-platform/build.gradle                         | 2 +-
 .../dependency-check-suppression.xml                      | 8 --------
 2 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/netcdf-java-platform/build.gradle b/netcdf-java-platform/build.gradle
index 70f0a8e56c..06c0ae5997 100644
--- a/netcdf-java-platform/build.gradle
+++ b/netcdf-java-platform/build.gradle
@@ -22,7 +22,7 @@ dependencies {
     api "com.google.protobuf:protoc:${depVersion.protobuf}"
     api 'com.google.guava:guava:32.0.1-jre'
     api 'com.google.re2j:re2j:1.3'
-    api 'org.jdom:jdom2:2.0.6'
+    api 'org.jdom:jdom2:2.0.6.1'
     api 'joda-time:joda-time:2.10.3' // replace by javax.time
 
     // netcdf4, dap4
diff --git a/project-files/owasp-dependency-check/dependency-check-suppression.xml b/project-files/owasp-dependency-check/dependency-check-suppression.xml
index 8c7e9e4860..116614c9cb 100644
--- a/project-files/owasp-dependency-check/dependency-check-suppression.xml
+++ b/project-files/owasp-dependency-check/dependency-check-suppression.xml
@@ -10,14 +10,6 @@
     <packageUrl regex="true">^pkg:maven/junit/junit@.*$</packageUrl>
     <vulnerabilityName>CVE-2020-15250</vulnerabilityName>
   </suppress>
-  <suppress>
-    <notes><![CDATA[
-       file name: jdom2-2.0.6.jar
-       reason: mitigated by https://github.com/Unidata/netcdf-java/pull/801
-    ]]></notes>
-    <packageUrl regex="true">^pkg:maven/org\.jdom/jdom2@.*$</packageUrl>
-    <cve>CVE-2021-33813</cve>
-  </suppress>
   <suppress>
     <notes><![CDATA[
       file name: screenshot_sync