From 63c096b10206a835b92acb18219f3da63b695684 Mon Sep 17 00:00:00 2001
From: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
Date: Thu, 4 Apr 2024 11:24:54 -0500
Subject: [PATCH] Waiving CVE-2023-32698 (#18056)

#17359
Waiving CVE-2023-32698
---
 .trivyignore | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.trivyignore b/.trivyignore
index a2f263d8f910..229b98597309 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -12,3 +12,8 @@ CVE-2020-7753
 # We feel like the risk of DoS using this technique, which requires being logged in, is low probability and low impact, as such we will not update glob-parent only for this CVE
 
 CVE-2020-28469
+
+# 2024/04/04 (github.com/goreleaser/nfpm/v2 should be updated)
+# When packaging linux files, we do not use global permissions. Manually verified that packed fleet-osquery files do not have group/global write permissions.
+
+CVE-2023-32698