From 80644b8a47aefb2444bbafde878be9866c9f8189 Mon Sep 17 00:00:00 2001
From: Elim Tsiagbey
Date: Tue, 28 Jan 2025 14:44:09 -0500
Subject: [PATCH] ci(security-scanner): Suppress openssl linux CVE (#5487)
---
 .release/security-scan.hcl | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index da2c1a239d..981e3b7605 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -5,6 +5,16 @@ container {
 dependencies = true
 alpine_secdb = true
 secrets = false
+
+ # Triage items that are _safe_ to ignore here. Note that this list should be
+ # periodically cleaned up to remove items that are no longer found by the scanner.
+ triage {
+ suppress {
+ vulnerabilities = [
+ "CVE-2024-13176", # openssl@3.3.2-r4
+ ]
+ }
+ }
 }

 binary {
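Review bot: The new `vulnerabilities` entry records which package triggered the finding but not why it is safe to ignore or when the suppression should be lifted, so the "periodically cleaned up" intent in the block comment has nothing to act on. The ID is matched on its own as far as this hunk shows, so the `openssl@3.3.2-r4` comment is informational only. The finding would presumably stay hidden after the base image moves to another openssl build, including one that is still affected. I would extend the trailing comment to carry the justification and an exit condition, e.g. `"CVE-2024-13176", # openssl@3.3.2-r4 in base image; <why not exploitable here / no fixed package yet>; remove once image ships fixed openssl (<tracking issue>)`. It is also worth confirming that suppressing inside `container` is the intended scope, given that the `binary` block visible just below is scanned separately.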