This is an automated email from the ASF dual-hosted git repository.
brandonwilliams pushed a commit to branch cassandra-4.0
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-4.0 by this push:
new 592cee3 Suppress CVE-2021-44521
592cee3 is described below
commit 592cee30640f7d5ca0fc80cefb1c9dad24a58a81
Author: Brandon Williams <brandonwilli...@apache.org>
AuthorDate: Mon Mar 21 12:50:25 2022 -0500
Suppress CVE-2021-44521
Patch by brandonwilliams; reviewed by bereng for CASSANDRA-17459
---
.build/dependency-check-suppressions.xml | 1 +
CHANGES.txt | 1 +
2 files changed, 2 insertions(+)
diff --git a/.build/dependency-check-suppressions.xml
b/.build/dependency-check-suppressions.xml
index 0003951..7633085 100644
--- a/.build/dependency-check-suppressions.xml
+++ b/.build/dependency-check-suppressions.xml
@@ -26,6 +26,7 @@
<cve>CVE-2018-8016</cve>
<cve>CVE-2020-13946</cve>
<cve>CVE-2020-17516</cve>
+ <cve>CVE-2021-44521</cve>
</suppress>
<suppress>
<!-- dependency checker identified this as a completely different
package (wire) -->
diff --git a/CHANGES.txt b/CHANGES.txt
index 1e710a3..5b13f9b 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
4.0.4
+ * Suppress CVE-2021-44521 from driver (CASSANDRA-17459)
* Upgrade jackson to 2.13.2 (CASSANDRA-17460)
* Make sstableloader honour native port option (CASSANDRA-17210)
* Reject snapshot names with special character (CASSANDRA-15297)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
