This is an automated email from the ASF dual-hosted git repository. brandonwilliams pushed a commit to branch cassandra-3.11 in repository https://gitbox.apache.org/repos/asf/cassandra.git
commit e9aa5ec514c436a8fb7dede10fa97b8d8cca200c Merge: 92245b0f07 9a64be3234 Author: Brandon Williams <[email protected]> AuthorDate: Tue Jan 24 11:59:53 2023 -0600 Merge branch 'cassandra-3.0' into cassandra-3.11 .build/dependency-check-suppressions.xml | 4 ++++ CHANGES.txt | 1 + 2 files changed, 5 insertions(+) diff --cc .build/dependency-check-suppressions.xml index 45b8e41835,cfe34b74e5..8c5cf0f592 --- a/.build/dependency-check-suppressions.xml +++ b/.build/dependency-check-suppressions.xml @@@ -23,13 -23,16 +23,17 @@@ <suppress> <!-- https://issues.apache.org/jira/browse/CASSANDRA-16150 --> <packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl> - <cve>CVE-2022-38752</cve> - <cve>CVE-2022-38751</cve> - <cve>CVE-2022-38750</cve> - <cve>CVE-2022-41854</cve> + <cve>CVE-2017-18640</cve> <cve>CVE-2022-25857</cve> <cve>CVE-2022-38749</cve> + <cve>CVE-2022-38750</cve> + <cve>CVE-2022-38751</cve> + <cve>CVE-2022-38752</cve> + <cve>CVE-2022-41854</cve> + <cve>CVE-2021-1471</cve> + <cve>CVE-2021-3064</cve> + <cve>CVE-2021-4235</cve> + <cve>CVE-2017-18640</cve> </suppress> <!-- https://issues.apache.org/jira/browse/CASSANDRA-15417 --> diff --cc CHANGES.txt index fd15a7f770,5600dc17fd..5a59323aa0 --- a/CHANGES.txt +++ b/CHANGES.txt @@@ -1,6 -1,5 +1,7 @@@ -3.0.29 +3.11.15 + * Fix Splitter sometimes creating more splits than requested (CASSANDRA-18013) +Merged from 3.0: + * Suppress CVE-2021-1471, CVE-2021-3064, CVE-2021-4235 (CASSANDRA-18149) * Switch to snakeyaml's SafeConstructor (CASSANDRA-18150) * Expand build.dir property in rat targets (CASSANDRA-18183) * Suppress CVE-2022-41881 (CASSANDRA-18148) --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
