This is an automated email from the ASF dual-hosted git repository. brandonwilliams pushed a commit to branch cassandra-4.0 in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/cassandra-4.0 by this push: new 592cee3 Suppress CVE-2021-44521 592cee3 is described below commit 592cee30640f7d5ca0fc80cefb1c9dad24a58a81 Author: Brandon Williams <brandonwilli...@apache.org> AuthorDate: Mon Mar 21 12:50:25 2022 -0500 Suppress CVE-2021-44521 Patch by brandonwilliams; reviewed by bereng for CASSANDRA-17459 --- .build/dependency-check-suppressions.xml | 1 + CHANGES.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/.build/dependency-check-suppressions.xml b/.build/dependency-check-suppressions.xml index 0003951..7633085 100644 --- a/.build/dependency-check-suppressions.xml +++ b/.build/dependency-check-suppressions.xml @@ -26,6 +26,7 @@ <cve>CVE-2018-8016</cve> <cve>CVE-2020-13946</cve> <cve>CVE-2020-17516</cve> + <cve>CVE-2021-44521</cve> </suppress> <suppress> <!-- dependency checker identified this as a completely different package (wire) --> diff --git a/CHANGES.txt b/CHANGES.txt index 1e710a3..5b13f9b 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,4 +1,5 @@ 4.0.4 + * Suppress CVE-2021-44521 from driver (CASSANDRA-17459) * Upgrade jackson to 2.13.2 (CASSANDRA-17460) * Make sstableloader honour native port option (CASSANDRA-17210) * Reject snapshot names with special character (CASSANDRA-15297) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org