[ https://issues.apache.org/jira/browse/CASSANDRA-14760?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16622024#comment-16622024 ]
Jason Brown commented on CASSANDRA-14760: ----------------------------------------- Cool, I'll go ahead and close. > CVE-2018-10237 Security vulnerability in 3.11.3 > ----------------------------------------------- > > Key: CASSANDRA-14760 > URL: https://issues.apache.org/jira/browse/CASSANDRA-14760 > Project: Cassandra > Issue Type: Bug > Reporter: John F. Gbruoski > Priority: Major > > As described in the CVE, Guava 11.0 through 24.x before 24.1.1 have a > security exposure. Cassandra 3.11.3 uses Guava 18.0. Can Cassandra 3.11 be > patched to support Guava 24.1.1 or later? -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org