Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-14183

CVE-2017-5929 Security vulnerability and redefine default log rotation policy

    Details

      Description

      Cassandra 3.11.1 is patched with logback 1.1.3, which contains the security vulnerability described here. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929

      Also update to logback allows a simple date and size rotation policy to
      replace the default fixed policy, which is broken by design.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tveronezi Thiago Veronezi
                Reporter:
                tveronezi Thiago Veronezi
                Authors:
                Thiago Veronezi
                Reviewers:
                Ariel Weisberg
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: