You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by br...@apache.org on 2022/12/05 16:11:20 UTC
[cassandra] branch cassandra-3.11 updated (5a53c36515 -> b7762e2aa2)
This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a change to branch cassandra-3.11
in repository https://gitbox.apache.org/repos/asf/cassandra.git
from 5a53c36515 Merge branch 'cassandra-3.0' into cassandra-3.11
new 92019df4d8 Suppress CVE-2022-41854 and similar
new b7762e2aa2 Merge branch 'cassandra-3.0' into cassandra-3.11
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org
[cassandra] 01/01: Merge branch 'cassandra-3.0' into cassandra-3.11
Posted by br...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.11
in repository https://gitbox.apache.org/repos/asf/cassandra.git
commit b7762e2aa276ecf9cad2dd26ee52fe2463ae52db
Merge: 5a53c36515 92019df4d8
Author: Brandon Williams <br...@apache.org>
AuthorDate: Mon Dec 5 10:02:35 2022 -0600
Merge branch 'cassandra-3.0' into cassandra-3.11
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --cc .build/dependency-check-suppressions.xml
index 6ed01952be,d9eea56920..d2ee33617d
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@@ -23,12 -23,13 +23,13 @@@
<suppress>
<!-- https://issues.apache.org/jira/browse/CASSANDRA-16150 -->
<packageUrl regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
- <cve>CVE-2022-38752</cve>
- <cve>CVE-2022-38751</cve>
- <cve>CVE-2022-38750</cve>
- <cve>CVE-2022-41854</cve>
+ <cve>CVE-2017-18640</cve>
<cve>CVE-2022-25857</cve>
<cve>CVE-2022-38749</cve>
- <cve>CVE-2017-18640</cve>
+ <cve>CVE-2022-38750</cve>
+ <cve>CVE-2022-38751</cve>
+ <cve>CVE-2022-38752</cve>
++ <cve>CVE-2022-41854</cve>
</suppress>
<!-- https://issues.apache.org/jira/browse/CASSANDRA-15417 -->
diff --cc CHANGES.txt
index d435a17ab1,296d41f2b2..4223a5cd8d
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@@ -1,19 -1,10 +1,20 @@@
-3.0.29
+3.11.15
+ * Fix Splitter sometimes creating more splits than requested (CASSANDRA-18013)
+
+Merged from 3.0:
+ * Suppress CVE-2022-41854 and similar (CASSANDRA-18083)
* Fix running Ant rat targets without git (CASSANDRA-17974)
- * Fix intermittent failure in nodetool toppartitions (CASSANDRA-17254)
-3.0.28
+3.11.14
+ * Suppress CVE-2022-42003 and CVE-2022-42004 (CASSANDRA-17966)
+ * Make LongBufferPoolTest insensitive to timing (CASSANDRA-16681)
+ * Suppress CVE-2022-25857 and other snakeyaml CVEs (CASSANDRA-17907)
+ * Fix potential IndexOutOfBoundsException in PagingState in mixed mode clusters (CASSANDRA-17840)
+ * Document usage of closed token intervals in manual compaction (CASSANDRA-17575)
+ * Creating of a keyspace on insufficient number of replicas should filter out gosspping-only members (CASSANDRA-17759)
+ * Only use statically defined subcolumns when determining column definition for supercolumn cell (CASSANDRA-14113)
+Merged from 3.0:
* Harden JMX by resolving beanshooter issues (CASSANDRA-17921)
* Suppress CVE-2019-2684 (CASSANDRA-17965)
* Fix auto-completing "WITH" when creating a materialized view (CASSANDRA-17879)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org