This is an automated email from the ASF dual-hosted git repository. brandonwilliams pushed a commit to branch cassandra-3.0 in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push: new 3d4e6944ef Suppress CVE-2019-2684 3d4e6944ef is described below commit 3d4e6944ef11d96858507779b9280f5b9c198ffa Author: Brandon Williams <brandonwilli...@apache.org> AuthorDate: Mon Oct 17 10:49:22 2022 -0500 Suppress CVE-2019-2684 Patch by brandonwilliams; reviewed by smiklosovic for CASSANDRA-17965 --- .build/dependency-check-suppressions.xml | 1 + CHANGES.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/.build/dependency-check-suppressions.xml b/.build/dependency-check-suppressions.xml index e0fd8c3a55..11bc87a552 100644 --- a/.build/dependency-check-suppressions.xml +++ b/.build/dependency-check-suppressions.xml @@ -55,6 +55,7 @@ <!-- this was fixed in 3.0.22 --> <suppress> <packageUrl regex="true">^pkg:maven/com\.datastax\.cassandra/cassandra\-driver\-core@.*$</packageUrl> + <cve>CVE-2019-2684</cve> <cve>CVE-2020-13946</cve> <cve>CVE-2020-17516</cve> <cve>CVE-2021-44521</cve> diff --git a/CHANGES.txt b/CHANGES.txt index 14efe64814..7dd28c8a84 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,5 @@ 3.0.28 + * Suppress CVE-2019-2684 (CASSANDRA-17965) * Fix auto-completing "WITH" when creating a materialized view (CASSANDRA-17879) * Fix scrubber falling into infinite loop when the last partition is broken (CASSANDRA-17862) * Improve libjemalloc resolution in bin/cassandra (CASSANDRA-15767) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org