You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Gil Tohar (Jira)" <ji...@apache.org> on 2020/05/04 18:08:00 UTC

[jira] [Created] (CASSANDRA-15785) 3.11.6 Image Vulnerabilities

Gil Tohar created CASSANDRA-15785:
-------------------------------------

             Summary: 3.11.6 Image Vulnerabilities
                 Key: CASSANDRA-15785
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-15785
             Project: Cassandra
          Issue Type: Bug
          Components: Build
            Reporter: Gil Tohar
         Attachments: Screen Shot 2020-05-04 at 1.44.19 PM.png

My team has taken the Bitnami Cassandra image, 3.11.6, and scanned it using our image vulnerability scanner, and discovered 4 issues. These are CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-1967. The solutions entail updating 1) curl and 2) openssl in the image, as described in the attached image.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org