[
https://issues.apache.org/jira/browse/CASSANDRA-20501?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17940018#comment-17940018
]
Stefan Miklosovic commented on CASSANDRA-20501:
-----------------------------------------------
btw updating to 4.1.119 would automatically resolve CASSANDRA-20504 (potential
suppression for CVE-2024-47535 and CVE-2025-25193).
Should not we just focus on CASSANDRA-20314 and we dont need to deal with
CASSANDRA-20504 at all?
> Update to latest dependency-check to fix incompatibility with new data feed
> format
> ----------------------------------------------------------------------------------
>
> Key: CASSANDRA-20501
> URL: https://issues.apache.org/jira/browse/CASSANDRA-20501
> Project: Apache Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Doug Rohrer
> Assignee: Stefan Miklosovic
> Priority: Normal
> Fix For: 3.0.x, 3.11.x, 4.0.x, 4.1.x, 5.0.x, 5.x
>
> Attachments: dependency-check-fix.patch
>
>
> The dependency-check task at the version we have is broken due to a change in
> the format of the data from NVD. See
> [https://github.com/dependency-check/DependencyCheck/issues/7463] for more
> information on the need for this change.
>
> Update to latest (12.1.0, from the new location at
> [https://github.com/dependency-check/DependencyCheck/] as it also moved to a
> GitHub org).
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
