Commit graph

7 commits

Author SHA1 Message Date
Robert Hensing
da3bd95ffe cassandra: 3.11.9 -> 3.11.10 2021-02-18 11:50:19 +01:00
Robert Hensing
a298710dd1 cassandra: Add passthru.tests 2020-12-09 13:24:48 +01:00
Red Davies
90d2986368 cassandra: 3.11.4 -> 3.11.9
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

3.11.x users should upgrade to 3.11.8
2020-11-24 20:24:32 -05:00
B YI
d737cf3cbf cassandra 3.11.3 -> 3.11.4
also add test to all-test.nix
2019-07-14 22:22:04 +08:00
Thomas Bach
2fb2c856a1 cassandra: 3.11.2 -> 3.11.3 2018-08-07 16:21:53 +02:00
Thomas Bach
53e3aa1539 cassandra: 3.11.1 -> 3.11.2 2018-04-27 10:07:37 +02:00
Antoine Eiche
df40f4371d cassandra: 3.0.9 -> 3.11.1 release
We still keep the 3.0.9 attribute to have a stable 3.x release.
2017-12-15 11:28:12 +01:00