From 14153735419b43b1754f69e7ed90333593a04282 Mon Sep 17 00:00:00 2001
From: Evan McQuinn <evan.mcquinn@noaa.gov>
Date: Mon, 17 Aug 2020 13:00:14 -0600
Subject: [PATCH] Suppress kotlin vulnerability CVE-2020-15824 as kotlin is not
 used in our actually applications at all. Also bump gradle up while we're at
 it.

---
 gradle/wrapper/gradle-wrapper.properties | 2 +-
 owasp-suppressions.xml                   | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 9543e9342..7ad10bfe4 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.5-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.6-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
\ No newline at end of file
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
index f7b6d30db..7609f25a4 100644
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -262,4 +262,12 @@
     <vulnerabilityName>CVE-2020-7663</vulnerabilityName>
   </suppress>
 
+  <suppress>
+    <notes><![CDATA[
+   file name: kotlin-*-1.3.72.jar
+   ]]></notes>
+    <filePath regex="true">.*\bkotlin-.*-1\.3\.72\.jar</filePath>
+    <cve>CVE-2020-15824</cve>
+  </suppress>
+
 </suppressions>