This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.11
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.11 by this push:
new d41e69a652 Suppress CVE-2022-45688
d41e69a652 is described below
commit d41e69a6527fd42d0c17ac4f5a0ecb81d00837ca
Author: Brandon Williams <[email protected]>
AuthorDate: Thu Mar 30 10:14:07 2023 -0500
Suppress CVE-2022-45688
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-18389
---
.build/dependency-check-suppressions.xml | 5 +++++
CHANGES.txt | 1 +
2 files changed, 6 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index b0603e3f90..68c97bb777 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -114,5 +114,10 @@
<cve>CVE-2022-42003</cve>
<cve>CVE-2022-42004</cve>
</suppress>
+ <!-- https://issues.apache.org/jira/browse/CASSANDRA-18389 -->
+ <suppress>
+ <packageUrl
regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core.*$</packageUrl>
+ <cve>CVE-2022-45688</cve>
+ </suppress>
</suppressions>
diff --git a/CHANGES.txt b/CHANGES.txt
index 2e63cb0fa6..7a05d17827 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.11.15
+ * Suppress CVE-2022-45688 (CASSANDRA-18389)
* Fix Splitter sometimes creating more splits than requested (CASSANDRA-18013)
Merged from 3.0:
* Save host id to system.local and flush immediately after startup
(CASSANDRA-18153)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
