Hi, Seems like users could conceivably be using the vulnerable component. Also seems like like we need potentially need to do this as far back as 2.1?
Anyone else have an opinion before I commit this? What version to start from? Ariel On Tue, Feb 13, 2018, at 5:59 AM, Thiago Veronezi wrote: > Hi dev team, > > Sorry to keep bothering you. > > This is just a friendly reminder that I would like to contribute to this > project starting with a fix for CASSANDRA-14183 > <https://issues.apache.org/jira/browse/CASSANDRA-14183>. > > []s, > Thiago. > > > > On Tue, Jan 30, 2018 at 8:05 AM, Thiago Veronezi <thi...@veronezi.org> > wrote: > > > Hi dev team, > > > > Can one of you guys take a look on this jira ticket? > > https://issues.apache.org/jira/browse/CASSANDRA-14183 > > > > It has an a patch available for a known security issue with one of the > > dependencies. It has only with trivial code changes. It should be > > straightforward to review it. Any feedback is very welcome. > > > > Thanks, > > Thiago > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cassandra.apache.org For additional commands, e-mail: dev-h...@cassandra.apache.org
