really fix trivy

anthony-nhs · anthony-nhs · commit f2c31f3a5991 · 2026-03-11T11:16:05.000Z
diff --git a/src/projects/fhir_facade_api/.trivyignore.yaml b/src/projects/fhir_facade_api/.trivyignore.yaml
@@ -2,27 +2,26 @@ vulnerabilities:
   - id: CVE-2022-25235
     statement: "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
     purls:
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2022-25236
     statement: "expat: Namespace-separator characters in \"xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
     purls:
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2022-26485
     statement: "Mozilla: Use-after-free in XSLT parameter processing"
     purls:
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2022-26486
     statement: "Mozilla: Use-after-free in WebGPU IPC Framework"
     purls:
-      - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
-      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+      - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
     expired_at: 2026-08-12
   - id: CVE-2026-25547
     statement: "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
