From 82857bb91e23cf2b9a0670739dbb905a6d8d240e Mon Sep 17 00:00:00 2001
From: Sarah Alsmiller <sarah.alsmiller@hashicorp.com>
Date: Thu, 21 Nov 2024 14:32:20 -0600
Subject: [PATCH] add alpine image cves to suppress list

---
 .release/security-scan.hcl | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index 20c105f3b4..f690cbe906 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -39,6 +39,11 @@ container {
 			vulnerabilities = [
 				"CVE-2024-8096", # curl@8.9.1-r2,
 				"CVE-2024-9143", # openssl@3.3.2-r0,
+				"CVE-2024-3596", # openssl@3.3.2-r0,
+				"CVE-2024-2236", # openssl@3.3.2-r0,
+				"CVE-2024-26458", # openssl@3.3.2-r0,
+				"CVE-2024-2511", # openssl@3.3.2-r0,
+				#the above can be resolved when they're resolved in the alpine image
 			]
 			paths = [
 				"internal/tools/proto-gen-rpc-glue/e2e/consul/*",