This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.11
in repository https://gitbox.apache.org/repos/asf/cassandra.git
commit 60d04d6713c9bc604d4528bf4df9cce7cd84c67a
Merge: bee215cce6 5c4dd3b993
Author: Brandon Williams <brandonwilli...@apache.org>
AuthorDate: Tue Aug 8 10:03:31 2023 -0500
Merge branch 'cassandra-3.0' into cassandra-3.11
.build/dependency-check-suppressions.xml | 43 --------------------------------
CHANGES.txt | 1 +
2 files changed, 1 insertion(+), 43 deletions(-)
diff --cc .build/dependency-check-suppressions.xml
index 58b38b7e62,d0a81458db..47d37c53db
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@@ -126,20 -88,22 +89,14 @@@
<cve>CVE-2019-0205</cve>
</suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-16056 -->
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-15416 -->
+ <!-- https://issues.apache.org/jira/browse/CASSANDRA-17966 -->
<suppress>
- <packageUrl
regex="true">^pkg:maven/org\.codehaus\.jackson/jackson\-mapper\-asl@.*$</packageUrl>
- <cve>CVE-2017-7525</cve>
- <cve>CVE-2017-15095</cve>
- <cve>CVE-2017-17485</cve>
- <cve>CVE-2018-5968</cve>
- <cve>CVE-2018-14718</cve>
- <cve>CVE-2018-1000873</cve>
- <cve>CVE-2018-7489</cve>
- <cve>CVE-2019-10172</cve>
- <cve>CVE-2019-14540</cve>
- <cve>CVE-2019-14893</cve>
- <cve>CVE-2019-16335</cve>
- <cve>CVE-2019-17267</cve>
+ <packageUrl
regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
+ <cve>CVE-2022-42003</cve>
+ <cve>CVE-2022-42004</cve>
+ <cve>CVE-2023-35116</cve>
+ <cve>CVE-2022-42003</cve>
+ <cve>CVE-2022-42004</cve>
</suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-18643 -->
- <suppress>
- <packageUrl
regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core@.*$</packageUrl>
- <cve>CVE-2022-45688</cve>
- </suppress>
-
</suppressions>
diff --cc CHANGES.txt
index 86f4b5c758,697262750a..8ca47eb52d
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@@ -1,13 -1,5 +1,14 @@@
-3.0.30
+3.11.16
+ * Moved jflex from runtime to build dependencies (CASSANDRA-18664)
+ * Fix CAST function for float to decimal (CASSANDRA-18647)
+ * Suppress CVE-2022-45688 (CASSANDRA-18643)
+ * Remove unrepaired SSTables from garbage collection when
only_purge_repaired_tombstones is true (CASSANDRA-14204)
+ * Wait for live endpoints in gossip waiting to settle (CASSANDRA-18543)
+ * Fix error message handling when trying to use CLUSTERING ORDER with
non-clustering column (CASSANDRA-17818
+ * Add keyspace and table name to exception message during ColumnSubselection
deserialization (CASSANDRA-18346)
+ * Remove unnecessary String.format invocation in QueryProcessor when getting
a prepared statement from cache (CASSANDRA-17202)
+Merged from 3.0:
+ * Remove unused suppressions (CASSANDRA-18724)
* Upgrade OWASP to 8.3.1 (CASSANDRA-18650)
* Suppress CVE-2023-34462 (CASSANDRA-18649)
* Add support for AWS Ec2 IMDSv2 (CASSANDRA-16555)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
