Added information about CVE-2022-42969

exasol · Oct 19, 2022 · 24f0a55 · 24f0a55
1 parent 9f2aaf9
commit 24f0a55
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 469 deletions.
diff --git a/changelog.d/20221019_124323_nicola.coretti.rst b/changelog.d/20221019_124323_nicola.coretti.rst
@@ -0,0 +1,40 @@
+.. A new scriv changelog fragment.
+..
+.. Uncomment the header that is right (remove the leading dots).
+..
+.. 🗑️ Removed
+.. ----------
+..
+.. - A bullet item for the Removed category.
+..
+.. ✨ Added
+.. ---------
+..
+.. - A bullet item for the Added category.
+..
+.. 🔧 Changed
+.. -----------
+..
+.. - A bullet item for the Changed category.
+..
+.. 🚧 Deprecated
+.. --------------
+..
+.. - A bullet item for the Deprecated category.
+..
+.. 🐞 Fixed
+.. ---------
+..
+.. - A bullet item for the Fixed category.
+..
+🔐 Security
+-----------
+- Evaluated CVE-2022-42969
+     - CVE will be silenced
+     - The affected code is not used by our project itself, nor by the dependencies pulling in the vulnerable library.
+        Checked dependencies:
+        * Nox (Code search)
+        * Pytest (Code search + `Tracking-Issue <https://github.com/pytest-dev/pytest/issues/10392>`_
+..
+.. - A bullet item for the Security category.
+..
diff --git a/pyproject.toml b/pyproject.toml
@@ -116,9 +116,10 @@ files = [
     'scripts/**/*.py',
     # Incrementaly add files and paths to fix until the entire project is checked
 ]
-mypy_path = [
-    'typeshed'
-]
+
+[[tool.mypy.overrides]]
+module = "pyodbc"
+ignore_missing_imports = true
 
 [tool.scriv]
 new_fragment_template = "file: templates/fragment-template.rst"