You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Thiago Veronezi (JIRA)" <ji...@apache.org> on 2018/01/24 15:20:00 UTC
[jira] [Updated] (CASSANDRA-14183) CVE-2017-5929 Security
vulnerability
[ https://issues.apache.org/jira/browse/CASSANDRA-14183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thiago Veronezi updated CASSANDRA-14183:
----------------------------------------
Labels: patch security (was: )
Reproduced In: 3.11.1
Status: Patch Available (was: Open)
A simple library upgrade is the fix to fix the CVE.
> CVE-2017-5929 Security vulnerability
> ------------------------------------
>
> Key: CASSANDRA-14183
> URL: https://issues.apache.org/jira/browse/CASSANDRA-14183
> Project: Cassandra
> Issue Type: Improvement
> Components: Libraries
> Reporter: Thiago Veronezi
> Priority: Major
> Labels: security, patch
> Fix For: 3.11.x
>
>
> Cassandra 3.11.1 is patched with logback 1.1.3, which contains the security vulnerability described here. [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org