This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-4.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
commit 682ae0c64c9159c6c884252820ce1236fde39e17
Merge: dba4162666 b6b71c598e
Author: Brandon Williams <brandonwilli...@apache.org>
AuthorDate: Thu May 4 10:24:20 2023 -0500
Merge branch 'cassandra-3.11' into cassandra-4.0
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --cc .build/dependency-check-suppressions.xml
index f203c2757f,98efddce73..f8aa4b5fb7
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@@ -21,17 -21,10 +21,18 @@@
-->
<suppressions
xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd";>
<suppress>
- <!-- https://issues.apache.org/jira/browse/CASSANDRA-16150 -->
+ <!-- not applicable since 4.0 -->
+ <packageUrl
regex="true">^pkg:maven/com\.datastax\.cassandra/cassandra\-driver\-core@.*$</packageUrl>
+ <cve>CVE-2018-8016</cve>
+ <cve>CVE-2019-2684</cve>
+ <cve>CVE-2020-13946</cve>
+ <cve>CVE-2020-17516</cve>
+ <cve>CVE-2021-44521</cve>
+ </suppress>
+ <suppress>
+ <!-- https://issues.apache.org/jira/browse/CASSANDRA-17907 -->
<packageUrl
regex="true">^pkg:maven/org\.yaml/snakeyaml@.*$</packageUrl>
+ <cve>CVE-2023-2251</cve>
- <cve>CVE-2017-18640</cve>
<cve>CVE-2022-25857</cve>
<cve>CVE-2022-38749</cve>
<cve>CVE-2022-38750</cve>
diff --cc CHANGES.txt
index b3f3cf883a,b132527d5c..a10b0f67df
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@@ -1,23 -1,9 +1,24 @@@
-3.11.16
+4.0.10
+ * Improve 'Not enough space for compaction' logging messages
(CASSANDRA-18260)
+ * Incremental repairs fail on mixed IPv4/v6 addresses serializing
SyncRequest (CASSANDRA-18474)
+ * Deadlock updating sstable metadata if disk boundaries need reloading
(CASSANDRA-18443)
+ * Fix nested selection of reversed collections (CASSANDRA-17913)
+Merged from 3.11:
+ * Fix the capital P usage in the CQL parser (CASSANDRA-17919)
Merged from 3.0:
+ * Suppress CVE-2023-2251 (CASSANDRA-18497)
+ * Do not remove SSTables when cause of FSReadError is OutOfMemoryError while
using best_effort disk failure policy (CASSANDRA-18336)
+ * Do not remove truncated_at entry in system.local while dropping an index
(CASSANDRA-18105)
-3.11.15
- * Fix the capital P usage in the CQL parser (CASSANDRA-17919)
+4.0.9
+ * Update zstd-jni library to version 1.5.5 (CASSANDRA-18429)
+ * Backport CASSANDRA-17205 to 4.0 branch - Remove self-reference in
SSTableTidier (CASSANDRA-18332)
+ * Avoid loading the preferred IP for BulkLoader streaming (CASSANDRA-18370)
+ * Fix BufferPool incorrect memoryInUse when putUnusedPortion is used
(CASSANDRA-18311)
+ * Improve memtable allocator accounting when updating AtomicBTreePartition
(CASSANDRA-18125)
+ * Update zstd-jni to version 1.5.4-1 (CASSANDRA-18259)
+ * Split and order IDEA workspace template VM_PARAMETERS (CASSANDRA-18242)
+Merged from 3.11:
* Fix sstable_count metric missing from tablestats json/yaml output
(CASSANDRA-18448)
* Suppress CVE-2022-45688 (CASSANDRA-18389)
* Fix Splitter sometimes creating more splits than requested
(CASSANDRA-18013)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
