MichaelMorrisEst opened a new pull request, #4432: URL: https://github.com/apache/cassandra/pull/4432
Dropback of CASSANDRA-20429 to cassandra-5.0 While the CVEs addressed by CASSANDRA-20429 are not exploitable, they are still reported by vulnerability scanning tools. This causes an overhead for users who then need to investigate the vulnerability scan reports and justify to their users why the CVEs can be ignored. With no timeline for a 5.1/6.0 release (as far as I am aware) then it would be great if we could clean this up in 5.0.x (5.0.6 would be brilliant if that would be possible) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
