ignore centos CVE-2020-22218

sozercan · sozercan · commit 1fd7c32cfb10 · 2023-10-12T23:13:13.000Z
Signed-off-by: Sertac Ozercan &lt;sozercan@gmail.com&gt;
diff --git a/integration/fixtures/trivy_ignore.rego b/integration/fixtures/trivy_ignore.rego
@@ -6,6 +6,6 @@ default ignore = false
 
 ignore_vulnerability_ids := {
     # centos 7.6.1810
-    # bind-license package version "9.11.4-26.P2.el7_9.14" does not exist
-    "CVE-2023-2828"
+    # libssh2 package version "1.8.0-4.el7_9.1" does not exist yet
+    "CVE-2020-22218"
 }
diff --git a/integration/patch_test.go b/integration/patch_test.go
@@ -10,6 +10,7 @@ import (
 	"strconv"
 	"testing"
 
+	"github.com/davecgh/go-spew/spew"
 	"github.com/opencontainers/go-digest"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -40,6 +41,7 @@ func TestPatch(t *testing.T) {
 	tmp := t.TempDir()
 	ignoreFile := filepath.Join(tmp, "ignore.rego")
 	err = os.WriteFile(ignoreFile, trivyIgnore, 0o600)
+	spew.Dump(ignoreFile)
 	require.NoError(t, err)
 
 	for _, img := range images {

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,6 @@ default ignore = false`
`6`	`6`
`7`	`7`	`ignore_vulnerability_ids := {`
`8`	`8`	`# centos 7.6.1810`
`9`		`- # bind-license package version "9.11.4-26.P2.el7_9.14" does not exist`
`10`		`- "CVE-2023-2828"`
	`9`	`+ # libssh2 package version "1.8.0-4.el7_9.1" does not exist yet`
	`10`	`+ "CVE-2020-22218"`
`11`	`11`	`}`