[
https://issues.apache.org/jira/browse/CASSANDRA-18645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17741055#comment-17741055
]
Ekaterina Dimitrova commented on CASSANDRA-18645:
-------------------------------------------------
CVE-2022-45688 - should be addressed in CASSANDRA-18643
CVE-2023-34462 - should be addressed in CASSANDRA-18649
I miss in my branch the commits from yesterday that suppressed them.
Commtted to https://github.com/apache/cassandra
[006ec71f63..992ad25b96|https://github.com/apache/cassandra/commit/992ad25b9608e59903dea4ec8becc00efbff5340]
trunk -> trunk
I added CHANGES.txt entry on commit.
> Upgrade guava on trunk
> ----------------------
>
> Key: CASSANDRA-18645
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18645
> Project: Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Ekaterina Dimitrova
> Assignee: Ekaterina Dimitrova
> Priority: Normal
> Labels: Dependency
> Fix For: 5.x
>
>
> Recently guava added JDK17 in CI and fixed some bugs down the road.
> Upgrading before the major 5.0 release is something we should do.
> Also, the current version that Cassandra uses is from 2018.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
