From 1f203810731c41bdaf75003b9218a079709aea13 Mon Sep 17 00:00:00 2001
From: Ellis Clayton <ellis@ellis.codes>
Date: Thu, 12 Oct 2023 10:46:30 +1100
Subject: [PATCH] Ignore CVE-2023-24329

We don't use Python. At least not directly. But assuming we do use
Python unexpectedtly, the nature of the Docs site is such that we aren't
attempting to parse URLs supplied by end-users anywhere. Therefore the
likelihood of a malicious string to urllib.parse is extremely low.
---
 .buildkite/pipeline.deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.buildkite/pipeline.deploy.yml b/.buildkite/pipeline.deploy.yml
index 62720dccea..63d78f4cf8 100644
--- a/.buildkite/pipeline.deploy.yml
+++ b/.buildkite/pipeline.deploy.yml
@@ -32,6 +32,7 @@ steps:
             - CVE-2023-35827 # linux 6.1.55-1
             - CVE-2023-2953 # openldap 2.5.13+dfsg-5
             - CVE-2023-31484 # perl 5.36.0-7
+            - CVE-2023-24329 # python3.11 3.11.2-6
 
   # If the current user is part of the deploy team, then wait for everything to
   # finish before deploying