This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push:
new e28ef4089e Suppress CVE-2023-2976
e28ef4089e is described below
commit e28ef4089ecbc2f64182de0ba5c9e9dea113195b
Author: Brandon Williams <[email protected]>
AuthorDate: Fri Jun 2 06:13:08 2023 -0500
Suppress CVE-2023-2976
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-18562
---
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index 5a87f57c3f..02dbb8dd92 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -78,6 +78,7 @@
<packageUrl
regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
<cve>CVE-2018-10237</cve>
<cve>CVE-2020-8908</cve>
+ <cve>CVE-2023-2976</cve>
</suppress>
<!-- https://issues.apache.org/jira/browse/CASSANDRA-18146 -->
diff --git a/CHANGES.txt b/CHANGES.txt
index a45c3f964b..728a529c87 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.0.30
+ * Suppress CVE-2023-2976 (CASSANDRA-18562)
* Remove dh_python use in Debian packaging (CASSANDRA-18558)
* Pass down all contact points to driver for cassandra-stress
(CASSANDRA-18025)
* Validate the existence of a datacenter in nodetool rebuild (CASSANDRA-14319)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
