Skip to content
This repository has been archived by the owner on Aug 31, 2022. It is now read-only.

Bump to 3.11.2 to address CVE-2018-8016 #71

Open
gberche-orange opened this issue Aug 2, 2018 · 1 comment
Open

Bump to 3.11.2 to address CVE-2018-8016 #71

gberche-orange opened this issue Aug 2, 2018 · 1 comment

Comments

@gberche-orange
Copy link
Member

Potentially our cassandra nodes bind unauthenticated JMX/RMI ports allowing arbitrary code execution.

cassandra-boshrelease/packages/cassandra/spec

Line 7 in 7ee33d0

- cassandra/apache-cassandra-3.11.1-bin.tar.gz

References:
@OMI69-orange
Copy link

We are in Cassandra 3.11.4 so we can close this issue

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gberche-orange @OMI69-orange