[
https://issues.apache.org/jira/browse/CASSANDRA-20848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18015922#comment-18015922
]
Stefan Miklosovic edited comment on CASSANDRA-20848 at 8/25/25 9:41 AM:
------------------------------------------------------------------------
[CASSANDRA-20848-20849-4.0|https://github.com/instaclustr/cassandra/tree/CASSANDRA-20848-20849-4.0]
{noformat}
java11_pre-commit_tests
✓ j11_build 2m 23s
✓ j11_cqlsh-dtests-py2-no-vnodes 5m 28s
✓ j11_cqlsh-dtests-py2-with-vnodes 5m 16s
✓ j11_cqlsh_dtests_py3 5m 44s
✓ j11_cqlsh_dtests_py311 5m 30s
✓ j11_cqlsh_dtests_py311_vnode 6m 1s
✓ j11_cqlsh_dtests_py38 6m 0s
✓ j11_cqlsh_dtests_py38_vnode 7m 12s
✓ j11_cqlsh_dtests_py3_vnode 6m 25s
✓ j11_cqlshlib_tests 6m 48s
✓ j11_dtests_vnode 43m 50s
✓ j11_jvm_dtests 14m 23s
✓ j11_unit_tests 8m 23s
✕ j11_dtests 56m 35s
refresh_test.TestRefresh test_refresh_deadlock_startup
{noformat}
[java11_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5975/workflows/29a8ef9e-447b-4d20-a238-563cce79cef6]
for 4.1 and 5.0, there are failures of configuration compatibility test I am
looking into.
[CASSANDRA-20848-20849-5.0|https://github.com/instaclustr/cassandra/tree/CASSANDRA-20848-20849-5.0]
{noformat}
java17_pre-commit_tests
✓ j17_build 6m 5s
✓ j17_cqlsh_dtests_py311 6m 0s
✓ j17_cqlsh_dtests_py311_vnode 6m 20s
✓ j17_cqlsh_dtests_py38 6m 0s
✓ j17_cqlsh_dtests_py38_vnode 6m 22s
✓ j17_cqlshlib_cython_tests 8m 1s
✓ j17_cqlshlib_tests 6m 38s
✓ j17_dtests_latest 41m 4s
✓ j17_dtests_vnode 41m 35s
✓ j17_jvm_dtests 19m 55s
✓ j17_jvm_dtests_latest_vnode 18m 3s
✕ j17_dtests 36m 36s
refresh_test.TestRefresh test_refresh_deadlock_startup
✕ j17_unit_tests 14m 40s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
✕ j17_utests_latest 16m 0s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
✕ j17_utests_oa 15m 13s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
{noformat}
[java17_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5976/workflows/3552ab1b-ba0e-4ac9-9d4c-0fa19f5a1725]
trunk:
[java17_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5978/workflows/0ee06eea-9f17-42f7-9f9f-7dcb703e2c6c]
[java17_separate_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5978/workflows/e7eaf0c5-bd20-4175-9b6e-67a5aa052ef0]
[java11_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5978/workflows/9136b0f9-6906-41fc-a05a-42588b8b0780]
[java11_separate_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5978/workflows/5bc5f27e-a60f-49fc-be7d-2667549680ac]
was (Author: smiklosovic):
[CASSANDRA-20848-20849-4.0|https://github.com/instaclustr/cassandra/tree/CASSANDRA-20848-20849-4.0]
{noformat}
java11_pre-commit_tests
✓ j11_build 2m 23s
✓ j11_cqlsh-dtests-py2-no-vnodes 5m 28s
✓ j11_cqlsh-dtests-py2-with-vnodes 5m 16s
✓ j11_cqlsh_dtests_py3 5m 44s
✓ j11_cqlsh_dtests_py311 5m 30s
✓ j11_cqlsh_dtests_py311_vnode 6m 1s
✓ j11_cqlsh_dtests_py38 6m 0s
✓ j11_cqlsh_dtests_py38_vnode 7m 12s
✓ j11_cqlsh_dtests_py3_vnode 6m 25s
✓ j11_cqlshlib_tests 6m 48s
✓ j11_dtests_vnode 43m 50s
✓ j11_jvm_dtests 14m 23s
✓ j11_unit_tests 8m 23s
✕ j11_dtests 56m 35s
refresh_test.TestRefresh test_refresh_deadlock_startup
{noformat}
[java11_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5975/workflows/29a8ef9e-447b-4d20-a238-563cce79cef6]
for 5.0, there are failures of configuration compatibility test I am looking
into.
[CASSANDRA-20848-20849-5.0|https://github.com/instaclustr/cassandra/tree/CASSANDRA-20848-20849-5.0]
{noformat}
java17_pre-commit_tests
✓ j17_build 6m 5s
✓ j17_cqlsh_dtests_py311 6m 0s
✓ j17_cqlsh_dtests_py311_vnode 6m 20s
✓ j17_cqlsh_dtests_py38 6m 0s
✓ j17_cqlsh_dtests_py38_vnode 6m 22s
✓ j17_cqlshlib_cython_tests 8m 1s
✓ j17_cqlshlib_tests 6m 38s
✓ j17_dtests_latest 41m 4s
✓ j17_dtests_vnode 41m 35s
✓ j17_jvm_dtests 19m 55s
✓ j17_jvm_dtests_latest_vnode 18m 3s
✕ j17_dtests 36m 36s
refresh_test.TestRefresh test_refresh_deadlock_startup
✕ j17_unit_tests 14m 40s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
✕ j17_utests_latest 16m 0s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
✕ j17_utests_oa 15m 13s
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_4_1
org.apache.cassandra.config.ConfigCompatibilityTest diff_5_0
org.apache.cassandra.config.ConfigCompatibilityTest diff_3_11
{noformat}
[java17_pre-commit_tests|https://app.circleci.com/pipelines/github/instaclustr/cassandra/5976/workflows/3552ab1b-ba0e-4ac9-9d4c-0fa19f5a1725]
> jackson-core vulnerability: CVE-2025-52999
> ------------------------------------------
>
> Key: CASSANDRA-20848
> URL: https://issues.apache.org/jira/browse/CASSANDRA-20848
> Project: Apache Cassandra
> Issue Type: Bug
> Components: Dependencies
> Reporter: ANSHUL SAINI
> Assignee: Stefan Miklosovic
> Priority: Normal
> Fix For: 4.0.x, 4.1.x, 5.0.x, 5.x
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2025-52999
> jackson-core contains core low-level incremental ("streaming") parser and
> generator abstractions used by Jackson Data Processor. In versions prior to
> 2.15.0, if a user parses an input file and it has deeply nested data, Jackson
> could end up throwing a StackoverflowError if the depth is particularly large.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
