This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push:
new 5ed63e0a5a Suppress CVE-2020-7238
5ed63e0a5a is described below
commit 5ed63e0a5a01bf7709bb5adc9165ccc6e6d9a7cf
Author: Brandon Williams <[email protected]>
AuthorDate: Fri Jun 17 09:04:08 2022 -0500
Suppress CVE-2020-7238
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-17697
---
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index a9d37c9f10..e0fd8c3a55 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -32,6 +32,7 @@
<cve>CVE-2019-16869</cve>
<cve>CVE-2019-20444</cve>
<cve>CVE-2019-20445</cve>
+ <cve>CVE-2020-7238</cve>
<cve>CVE-2021-21290</cve>
<cve>CVE-2021-21295</cve>
<cve>CVE-2021-21409</cve>
diff --git a/CHANGES.txt b/CHANGES.txt
index c49c33224f..2a7f785ac3 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.0.28
+ * Supress CVE-2020-7238 (CASSANDRA-17697)
* Fix issue where frozen maps may not be serialized in the correct order
(CASSANDRA-17623)
* Suppress CVE-2022-24823 (CASSANDRA-17633)
* fsync TOC and digest files (CASSANDRA-10709)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
