From bcc31c5108090d836fbda49748855407c2fd1b6d Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Wed, 23 Sep 2020 04:13:57 +0000 Subject: [PATCH 1/2] Bump dependency-check-maven from 5.3.2 to 6.0.1 Bumps [dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 5.3.2 to 6.0.1. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/RELEASE_NOTES.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v5.3.2...v6.0.1) Signed-off-by: dependabot-preview[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e426b1fd..71e742d0 100644 --- a/pom.xml +++ b/pom.xml @@ -299,7 +299,7 @@ org.owasp dependency-check-maven - 5.3.2 + 6.0.1 From 21c44b533e19b86aa554309abd3d2496f3cfc03e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Willi=20Sch=C3=B6nborn?= Date: Wed, 23 Sep 2020 09:58:11 +0200 Subject: [PATCH 2/2] Suppressed false-positive CVEs --- cve-suppressions.xml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cve-suppressions.xml b/cve-suppressions.xml index cddafa40..dc5ef5ed 100644 --- a/cve-suppressions.xml +++ b/cve-suppressions.xml @@ -3,6 +3,8 @@ CVE-2018-1258 CVE-2019-12814 + CVE-2020-7712 + CVE-2020-10663
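Review bot: In the pom.xml hunk (@@ -299,7 +299,7 @@), the step from 5.3.2 to 6.0.1 crosses a major version of the vulnerability scanner plugin, but the commit message carries only links to the release notes and changelog and says nothing about what was verified. Before merging, run the dependency check with 6.0.1 and record in the PR which findings changed. That makes the suppressions added in PATCH 2/2 traceable to this upgrade instead of leaving them looking unrelated.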
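Review bot: In the cve-suppressions.xml hunk, CVE-2020-7712 and CVE-2020-10663 are added with no recorded justification. The change is two insertions, both bare CVE ids next to the existing CVE-2018-1258 and CVE-2019-12814 entries. The commit message says only "false-positive CVEs", without naming the dependency that was flagged or why it is unaffected. Add a notes entry for each id that states the flagged artifact and the reason. Also confirm that the enclosing suppress rule is scoped to that artifact (for example by packageUrl or gav), so the ids are not silenced for other dependencies that may match them later.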