[CASSANDRA-18122] when will slf4j be upgraded for CVE-2018-8088 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Not A Problem
Fix Version/s: None
Component/s: None
Labels:
None

Platform:

All
Impacts:

None

Description

Hello Team,

I see Cassandra 4.1 GA'ed on 12/13/2022 and still uses 1.7.25 version of slf4j and the vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2018-8088 is fixed only in the 1.7.26 version. Do we have any details on when the slf4j be upgraded ?

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Jai Bheemsen Rao Dhanwada

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Dec/22 21:50

Updated:: 15/Dec/22 22:10

Resolved:: 15/Dec/22 21:59