Uploaded image for project: 'Apache Cassandra'
  1. Apache Cassandra
  2. CASSANDRA-14183

CVE-2017-5929 Security vulnerability and redefine default log rotation policy

    XMLWordPrintableJSON

Details

    Description

      Cassandra 3.11.1 is patched with logback 1.1.3, which contains the security vulnerability described here. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5929

      Also update to logback allows a simple date and size rotation policy to
      replace the default fixed policy, which is broken by design.

      Attachments

        Issue Links

          Activity

            People

              tveronezi Thiago Veronezi
              tveronezi Thiago Veronezi
              Thiago Veronezi
              Ariel Weisberg
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10m
                  10m