[jira] [Updated] (CASSANDRA-20810) Update logback jar version in branch cassandra-4.0

Brandon Williams (Jira) Fri, 01 Aug 2025 03:18:18 -0700


     [ 
https://issues.apache.org/jira/browse/CASSANDRA-20810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Brandon Williams updated CASSANDRA-20810:
-----------------------------------------
    Resolution: Duplicate
        Status: Resolved  (was: Triage Needed)

> Update logback jar version in branch cassandra-4.0
> --------------------------------------------------
>
>                 Key: CASSANDRA-20810
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-20810
>             Project: Apache Cassandra
>          Issue Type: Task
>            Reporter: Jai Sharma
>            Priority: Normal
>
> cassandra-4.0 is using logback-core and logback-classic version 1.2.9 which 
> has following vulnerabilities.
>  * CVE-2023-6378
>  * CVE-2024-12798
>  * CVE-2024-12801
> Upgrade logback-core and logback-classic to version 1.3.15 which has fixes 
> for all 3.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

[jira] [Updated] (CASSANDRA-20810) Update logback jar version in branch cassandra-4.0

Reply via email to