From f7579fd13d62ce630ea26638e73f5884da505ec8 Mon Sep 17 00:00:00 2001
From: ZhangJian He <shoothzj@gmail.com>
Date: Wed, 13 Apr 2022 20:37:08 +0800
Subject: [PATCH] Fix master broken ci due to zookeeper CVE fp (#3204)

---
 pom.xml                                     |  2 +-
 src/owasp-dependency-check-suppressions.xml | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b2022467029..b2e6f96067d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -200,7 +200,7 @@
     <maven-shade-plugin.version>3.2.0</maven-shade-plugin.version>
     <maven-source-plugin.version>2.2.1</maven-source-plugin.version>
     <maven-surefire-plugin.version>3.0.0-M5</maven-surefire-plugin.version>
-    <dependency-check-maven.version>6.1.6</dependency-check-maven.version>
+    <dependency-check-maven.version>7.0.4</dependency-check-maven.version>
     <nar-maven-plugin.version>3.5.2</nar-maven-plugin.version>
     <os-maven-plugin.version>1.4.1.Final</os-maven-plugin.version>
     <protobuf-maven-plugin.version>0.6.1</protobuf-maven-plugin.version>
diff --git a/src/owasp-dependency-check-suppressions.xml b/src/owasp-dependency-check-suppressions.xml
index cf0f6df6246..082dfae0364 100644
--- a/src/owasp-dependency-check-suppressions.xml
+++ b/src/owasp-dependency-check-suppressions.xml
@@ -117,6 +117,13 @@
     <sha1>e395c1d8a71557b7569cc6a83487b2e30e2e58fe</sha1>
     <cve>CVE-2021-28164</cve>
   </suppress>
+    <suppress>
+        <notes><![CDATA[
+   file name: zookeeper-3.8.0.jar
+   ]]></notes>
+        <sha1>e395c1d8a71557b7569cc6a83487b2e30e2e58fe</sha1>
+        <cve>CVE-2021-28165</cve>
+    </suppress>
   <suppress>
     <notes><![CDATA[
    file name: zookeeper-3.8.0.jar
@@ -159,6 +166,13 @@
     <sha1>6560f966bcf1aa78d27bcfa75fb6c4463a72c6c5</sha1>
     <cve>CVE-2021-28164</cve>
   </suppress>
+  <suppress>
+    <notes><![CDATA[
+   file name: zookeeper-jute-3.8.0.jar
+   ]]></notes>
+    <sha1>6560f966bcf1aa78d27bcfa75fb6c4463a72c6c5</sha1>
+    <cve>CVE-2021-28165</cve>
+  </suppress>
   <suppress>
     <notes><![CDATA[
    file name: zookeeper-jute-3.8.0.jar
@@ -173,6 +187,13 @@
     <sha1>6560f966bcf1aa78d27bcfa75fb6c4463a72c6c5</sha1>
     <cve>CVE-2021-34429</cve>
   </suppress>
+  <suppress>
+    <notes><![CDATA[
+   file name: zookeeper-3.8.0-tests.jar
+   ]]></notes>
+     <sha1>9b78a289a3aa34eb47fac8c432f664fc140387df</sha1>
+     <cve>CVE-2021-28165</cve>
+  </suppress>
 <!--    Netty false positive https://github.com/netty/netty-tcnative/issues/710 -->
     <suppress>
         <notes><![CDATA[