cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rahul Nandi (Jira)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix
Date Wed, 30 Sep 2020 05:04:00 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-16150?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rahul Nandi updated CASSANDRA-16150:
------------------------------------
    Description: 
There have been critical level CVE (CVE-2017-18640) discovered in snakeyaml version earlier
to 1.26. This has been patched into snakeyaml version 1.26.

Reference: [https://nvd.nist.gov/vuln/detail/CVE-2017-18640]

This card is expected to upgrade the snakeyaml version to 1.26.

  was:
There have been critical level CVE ( [CVE-2017-18640 | [https://nvd.nist.gov/vuln/detail/CVE-2017-18640]]
) discovered in snakeyaml version earlier to 1.26. This has been patched into snakeyaml version
1.26.

This card is expected to upgrade the snakeyaml version to 1.26.


> Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix
> -----------------------------------------------------------
>
>                 Key: CASSANDRA-16150
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-16150
>             Project: Cassandra
>          Issue Type: Bug
>          Components: Dependencies
>            Reporter: Rahul Nandi
>            Assignee: Rahul Nandi
>            Priority: Normal
>
> There have been critical level CVE (CVE-2017-18640) discovered in snakeyaml version earlier
to 1.26. This has been patched into snakeyaml version 1.26.
> Reference: [https://nvd.nist.gov/vuln/detail/CVE-2017-18640]
> This card is expected to upgrade the snakeyaml version to 1.26.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message