This is an automated email from the ASF dual-hosted git repository.

brandonwilliams pushed a commit to branch cassandra-4.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git

commit f9364e4f44b0d37905713a76d088218645ab72fb
Author: Brandon Williams <brandonwilli...@apache.org>
AuthorDate: Thu Mar 30 10:14:07 2023 -0500

    Suppress CVE-2022-45688
    
    Patch by brandonwilliams; reviewed by bereng for CASSANDRA-18389
---
 .build/dependency-check-suppressions.xml | 5 +++++
 CHANGES.txt                              | 1 +
 2 files changed, 6 insertions(+)

diff --git a/.build/dependency-check-suppressions.xml 
b/.build/dependency-check-suppressions.xml
index b0603e3f90..68c97bb777 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -114,5 +114,10 @@
         <cve>CVE-2022-42003</cve>
         <cve>CVE-2022-42004</cve>
     </suppress>
+    <!-- https://issues.apache.org/jira/browse/CASSANDRA-18389 -->
+    <suppress>
+        <packageUrl 
regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core.*$</packageUrl>
+        <cve>CVE-2022-45688</cve>
+    </suppress>
 
 </suppressions>
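Review bot: The added `<suppress>` block for CVE-2022-45688 carries only the JIRA link, so the file itself never states why the finding is safe to ignore for jackson-core. A `<notes>` element as the first child would record that, e.g. `<notes><![CDATA[False positive against jackson-core, see CASSANDRA-18389: <one-line reason>]]></notes>`. If, as the CVE record appears to indicate, the issue is in a different JSON library, say so there. The `packageUrl` regex ends in `.*$` and therefore matches every jackson-core version indefinitely. Adding an `until="<review-date>"` attribute on `<suppress>` would force the suppression to be re-evaluated rather than silently hiding this CVE if the scanner's matching or the dependency changes.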
diff --git a/CHANGES.txt b/CHANGES.txt
index f38ce34b95..8b61cdad82 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
 3.11.15
+ * Suppress CVE-2022-45688 (CASSANDRA-18389)
  * Fix Splitter sometimes creating more splits than requested (CASSANDRA-18013)
 Merged from 3.0:
  * Fix RepairJob unnecessarily reporting cancellation error (CASSANDRA-17701)

