Update vulnerability whitelist

Author: sd234678

.last-exported-commit

@@ -1 +1 @@
-Last exported commit from parent repo: a1ec8ed3ba38cff9008dd1cc4b35d9dec2ca9298
+Last exported commit from parent repo: 6e3f24b8131b3b49aed37881270b7a18e093d307

nix-bootstrap.cabal

@@ -5,7 +5,7 @@ cabal-version: 2.0
 -- see: https://github.com/sol/hpack
 
 name:           nix-bootstrap
-version:        1.5.4.1
+version:        1.5.4.2
 author:         gchquser
 maintainer:     [email protected]
 copyright:      Crown Copyright

package.yaml

@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 name: nix-bootstrap
-version: 1.5.4.1
+version: 1.5.4.2
 author: gchquser
 maintainer: [email protected]
 copyright: Crown Copyright

vulnerability-whitelist.toml

@@ -161,8 +161,8 @@ comment = """Severity disputed and upstream patch not yet in nixpkgs. \
   """
 
 ["terminal"]
-cve = ["CVE-2022-44702"]
-comment = "CVE refers to microsoft terminal, not this haskell package."
+cve = ["CVE-2022-44702", "CVE-2002-1898"]
+comment = "CVEs refers to microsoft terminal and OSX terminal, not this haskell package."
 
 ["unzip"]
 cve = ["CVE-2021-4217", "CVE-2022-0529", "CVE-2022-0530"]
@@ -179,7 +179,7 @@ cve = ["CVE-2022-3064", "CVE-2021-4235", "CVE-2023-2251"]
 comment = "CVEs refer to other things called yaml, not this haskell package."
 
 ["zlib-0.6.3.0"]
-cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992"]
+cve = ["CVE-2018-25032", "CVE-2022-37434", "CVE-2023-45853", "CVE-2023-6992", "CVE-2002-0059"]
 comment = "Actual zlib dependency is already on a patched version; this version is a haskell library."
 
 ["zlib-1.2.12"]