This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-3.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-3.0 by this push:
new fd1f245 Suppress CVE-2021-44521
fd1f245 is described below
commit fd1f245353584833b8569666c115c6c64755c2c9
Author: Brandon Williams <[email protected]>
AuthorDate: Mon Mar 28 10:39:22 2022 -0500
Suppress CVE-2021-44521
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-17492
---
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index 798c71f..4c1c054 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -55,6 +55,7 @@
<packageUrl
regex="true">^pkg:maven/com\.datastax\.cassandra/cassandra\-driver\-core@.*$</packageUrl>
<cve>CVE-2020-13946</cve>
<cve>CVE-2020-17516</cve>
+ <cve>CVE-2021-44521</cve>
</suppress>
<!-- https://issues.apache.org/jira/browse/CASSANDRA-14760 -->
diff --git a/CHANGES.txt b/CHANGES.txt
index 28fe6ec..eba1ec8 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
3.0.27
+ * Suppress CVE-2021-44521 (CASSANDRA-17492)
* ConnectionLimitHandler may leaks connection count if remote connection
drops (CASSANDRA-17252)
* Require ant >= 1.10 (CASSANDRA-17428)
* Disallow CONTAINS for UPDATE and DELETE (CASSANDRA-15266)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
