This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push:
new 5bf1d2f8d5 Suppress CVE-2023-44487
5bf1d2f8d5 is described below
commit 5bf1d2f8d5b6b37b8f6e2718f85dec068ceb7206
Author: Brandon Williams <[email protected]>
AuthorDate: Thu Oct 19 11:33:05 2023 -0500
Suppress CVE-2023-44487
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-18943
---
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index d0a81458db..1d9fba6218 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -60,6 +60,7 @@
<cve>CVE-2022-41881</cve>
<cve>CVE-2022-41915</cve>
<cve>CVE-2023-34462</cve>
+ <cve>CVE-2023-44487</cve>
</suppress>
<!-- https://issues.apache.org/jira/browse/CASSANDRA-14760 -->
diff --git a/CHANGES.txt b/CHANGES.txt
index a33f61545f..4906a982f3 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.0.30
+ * Suppress CVE-2023-44487 (CASSANDRA-18943)
* Fix nodetool enable/disablebinary to correctly set rpc readiness in gossip
(CASSANDRA-18935)
* Implement the logic in bin/stop-server (CASSANDRA-18838)
* Upgrade snappy-java to 1.1.10.4 (CASSANDRA-18878)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
