diff --git a/.github/workflows/hypertrace-ingester/docker-compose.yml b/.github/workflows/hypertrace-ingester/docker-compose.yml
index 841eb08fb..9c7e9d4ae 100644
--- a/.github/workflows/hypertrace-ingester/docker-compose.yml
+++ b/.github/workflows/hypertrace-ingester/docker-compose.yml
@@ -80,7 +80,7 @@ services:
     container_name: mongo
 
   pinot:
-    image: hypertrace/pinot-servicemanager:main
+    image: hypertrace/pinot-servicemanager:0.6.10
     container_name: pinot
     environment:
       - LOG_LEVEL=error
diff --git a/.github/workflows/hypertrace-ingester/postgres/docker-compose.yml b/.github/workflows/hypertrace-ingester/postgres/docker-compose.yml
index ba7450226..513cec8f1 100644
--- a/.github/workflows/hypertrace-ingester/postgres/docker-compose.yml
+++ b/.github/workflows/hypertrace-ingester/postgres/docker-compose.yml
@@ -95,7 +95,7 @@ services:
 
   # Stores spans and traces and provides aggregation functions
   pinot:
-    image: hypertrace/pinot-servicemanager:main
+    image: hypertrace/pinot-servicemanager:0.6.10
     container_name: pinot
     environment:
       - LOG_LEVEL=error
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
index 86dc9891e..1847a8e80 100644
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -67,14 +67,14 @@
     <packageUrl regex="true">^pkg:maven/org\.hypertrace\.core\.kafkastreams\.framework/avro\-partitioners@.*$</packageUrl>
     <cve>CVE-2023-37475</cve>
   </suppress>
-  <suppress until="2024-01-31Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    Not yet fixed in quartz. file name: quartz-2.3.2.jar
    ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.quartz\-scheduler/quartz@.*$</packageUrl>
     <cve>CVE-2023-39017</cve>
   </suppress>
-  <suppress until="2024-01-30Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    file name: json-20230618.jar
    ]]></notes>
@@ -102,11 +102,11 @@
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
   </suppress>
-  <suppress until="2024-01-30Z">
+  <suppress until="2024-02-29Z">
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-44487</vulnerabilityName>
   </suppress>
-  <suppress until="2024-01-31Z">
+  <suppress until="2024-02-29Z">
     <notes><![CDATA[
    This CVE (rapid RST) is already mitigated as our servers aren't directly exposed, but it's also
    addressed in 1.59.1, which the CVE doesn't reflect (not all grpc impls versions are exactly aligned).
diff --git a/span-normalizer/helm/templates/span-normalizer-config.yaml b/span-normalizer/helm/templates/span-normalizer-config.yaml
index 0a672ec66..33d819e97 100644
--- a/span-normalizer/helm/templates/span-normalizer-config.yaml
+++ b/span-normalizer/helm/templates/span-normalizer-config.yaml
@@ -72,7 +72,7 @@ data:
       {{- end }}
       
       {{- if hasKey .Values.spanNormalizerConfig.processor "bypassOverrideTenants" }}
-      bypass.override.tenants = "{{ .Values.spanNormalizerConfig.processor.bypassOverrideTenants | toJson }}"
+      bypass.override.tenants = {{ .Values.spanNormalizerConfig.processor.bypassOverrideTenants | toJson }}
       {{- end }}
 
       {{- if hasKey .Values.spanNormalizerConfig.processor "lateArrivalThresholdDuration" }}
diff --git a/span-normalizer/span-normalizer/src/test/resources/configs/span-normalizer/application.conf b/span-normalizer/span-normalizer/src/test/resources/configs/span-normalizer/application.conf
index 8aad824f3..bda59c09d 100644
--- a/span-normalizer/span-normalizer/src/test/resources/configs/span-normalizer/application.conf
+++ b/span-normalizer/span-normalizer/src/test/resources/configs/span-normalizer/application.conf
@@ -72,6 +72,7 @@ processor {
 
 processor {
   bypass.key = "test.bypass"
+  bypass.override.tenants = ["a", "b"]
   late.arrival.threshold.duration = "1d"
 
   # Configuration for dropping certain attributes that are captured by agent, but doesn't require in