data/reports: withdraw GO-2024-2527

tatianab · gopherbot · commit 3f3b024453f2 · 2024-07-01T15:41:10.000Z
This report is a low impact vulnerability that is causing too many false positives. Withdraw it for now to mitigate impact. Updates #2527 Updates #2952 Change-Id: Iffad648eecbbda67e49a962592a33df9232f5fbb Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/595995 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
diff --git a/data/osv/GO-2024-2527.json b/data/osv/GO-2024-2527.json
@@ -3,11 +3,12 @@
   "id": "GO-2024-2527",
   "modified": "0001-01-01T00:00:00Z",
   "published": "0001-01-01T00:00:00Z",
+  "withdrawn": "2024-07-01T15:21:57Z",
   "aliases": [
     "GHSA-5x4g-q5rc-36jp"
   ],
-  "summary": "Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3",
-  "details": "Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3",
+  "summary": "WITHDRAWN: Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3",
+  "details": "(This report has been withdrawn with reason: \"too many false positives\").",
   "affected": [
     {
       "package": {
diff --git a/data/reports/GO-2024-2527.yaml b/data/reports/GO-2024-2527.yaml
@@ -4,9 +4,11 @@ modules:
       non_go_versions:
         - fixed: 3.3.23
         - introduced: 3.4.0-rc.0
-          fixed: 3.4.10
+        - fixed: 3.4.10
       vulnerable_at: 3.5.14
-summary: Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3
+summary: 'WITHDRAWN: Etcd pkg Insecure ciphers are allowed by default in go.etcd.io/etcd/client/pkg/v3'
+description: '(This report has been withdrawn with reason: "too many false positives"). '
+withdrawn: 2024-07-01T15:21:57Z
 ghsas:
     - GHSA-5x4g-q5rc-36jp
 references:
