[jira] [Commented] (CASSANDRA-17368) Investigate OWASP failure report

Brandon Williams (Jira) Fri, 18 Feb 2022 05:26:24 -0800


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-17368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17494603#comment-17494603
 ]


Brandon Williams commented on CASSANDRA-17368:
----------------------------------------------

I've broken out the netty upgrade to CASSANDRA-17392 so we can aren't holding 
back the suppressions for the other branches while that is figured out, so this 
is ready for review.

> Investigate OWASP failure report
> --------------------------------
>
>                 Key: CASSANDRA-17368
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17368
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Build
>            Reporter: Brandon Williams
>            Assignee: Brandon Williams
>            Priority: Normal
>             Fix For: 3.0.x, 3.11.x, 4.0.x
>
>
> 4.0: netty-all-4.1.58.Final.jar: CVE-2021-43797, CVE-2021-37136, 
> CVE-2021-37137
> 3.11: netty-all-4.0.44.Final.jar: CVE-2021-43797, CVE-2021-37136, 
> CVE-2021-37137
> 3.0: netty-all-4.0.44.Final.jar: CVE-2021-43797, CVE-2021-37136, 
> CVE-2021-37137



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

[jira] [Commented] (CASSANDRA-17368) Investigate OWASP failure report

Reply via email to