From 946cf55fce49c9078009404aa1b07663bc93fbc0 Mon Sep 17 00:00:00 2001
From: Chris Campbell <chris.c@buildkite.com>
Date: Fri, 3 Nov 2023 16:10:28 +1100
Subject: [PATCH] Ignore zlib CVE

This change ignores the following CVE whilst awaiting a patch:
https://security-tracker.debian.org/tracker/CVE-2023-45853

There's no usage of minizip/zlib which makes this vulnerability
unlikely to be exploitable.
---
 .buildkite/pipeline.deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.buildkite/pipeline.deploy.yml b/.buildkite/pipeline.deploy.yml
index 08b049c45c..e6210ab809 100644
--- a/.buildkite/pipeline.deploy.yml
+++ b/.buildkite/pipeline.deploy.yml
@@ -33,6 +33,7 @@ steps:
             - CVE-2023-31484 # perl 5.36.0-7
             - CVE-2023-24329 # python3.11 3.11.2-6
             - CVE-2023-3640 # linux 6.1.55-1
+            - CVE-2023-45853 # zlib 1:1.2.13.dfsg-1
 
   # If the current user is part of the deploy team, then wait for everything to
   # finish before deploying