Commit Graph

7 Commits

Author SHA1 Message Date
Robert Hensing
4ca1c4bcd5 cassandra_2*: mark as insecure 2021-02-18 11:50:14 +01:00
Robert Hensing
a298710dd1 cassandra: Add passthru.tests 2020-12-09 13:24:48 +01:00
Red Davies
ee1b13dd13 cassandra_2_2: 2.2.14 -> 2.2.19
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

2.2.x users should upgrade to 2.2.18
2020-11-24 20:58:37 -05:00
Jonathan Ringer
954f52d690 cassandra_2_2: 2.2.13 -> 2.2.14 2019-08-06 02:18:31 -07:00
Thomas Bach
145b026fb4 cassandra: 2.2.11 -> 2.2.13 2018-08-07 16:21:51 +02:00
Thomas Bach
798c6cdaca
cassandra: 2.2.9 -> 2.2.11 2018-02-07 09:08:41 +08:00
Robert Helgesson
ac0021ce53
cassandra_2_2: init at 2.2.9 2017-03-07 21:46:50 +01:00