[FP]: wildfly-openssl-linux-x86_64

[tobiasstadler]

Package URl

pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-x86_64@2.2.0.SP01

CPE

cpe:2.3:a:redhat:wildfly:2.2.0:sp01::::::

CVE

CVE-2020-10740

ODC Integration

{"label"=>"Maven Plugin"}

ODC Version

8.0.1

Description

No response

[github-actions[bot]]

Maven Coordinates

<dependency>
   <groupId>org.wildfly.openssl</groupId>
   <artifactId>wildfly-openssl-linux-x86_64</artifactId>
   <version>2.2.0.SP01</version>
</dependency>

Suppression rule:

<suppress base="true">
   <notes><![CDATA[
   FP per issue #5370
   ]]></notes>
   <packageUrl regex="true">^pkg:maven/org\.wildfly\.openssl/wildfly-openssl-linux-x86_64@.*$</packageUrl>
   <cpe>cpe:/a:redhat:wildfly</cpe>
</suppress>

Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/3985995807

[aikebah]

Note to people seeing this issue and the bot-proposed suppression: That suppression would suppress too much as cpe suppression is a prefix suppression it will also suppress the valid cpe:2.3:a:redhat:wildfly_openssl

[github-actions[bot]]

Maven Coordinates

<dependency>
   <groupId>org.wildfly.openssl</groupId>
   <artifactId>wildfly-openssl-linux-x86_64</artifactId>
   <version>2.2.0.SP01</version>
</dependency>

Suppression rule:

<suppress base="true">
   <notes><![CDATA[
   FP per issue #5370
   ]]></notes>
   <packageUrl regex="true">^pkg:maven/org\.wildfly\.openssl/wildfly-openssl-linux-x86_64@.*$</packageUrl>
   <cpe>cpe:/a:redhat:wildfly</cpe>
</suppress>

Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/4004644151

[tobiasstadler]

pkg:maven/org.wildfly.openssl/wildfly-openssl@2.2.0.SP01, pkg:maven/org.wildfly.openssl/wildfly-openssl-java@2.2.0.SP01, pkg:maven/org.wildfly.openssl/wildfly-openssl-macos-x86_64@2.2.0.SP01, pkg:maven/org.wildfly.openssl/wildfly-openssl-linux-x86_64@2.2.0.SP01, pkg:maven/org.wildfly.openssl/wildfly-openssl-windows-x86_64@2.2.0.SP01 have the same issue