+dev@cassandra.apache.org
-- Forwarded message -
From: Paulo Motta
Date: Mon, Feb 3, 2025 at 6:20 PM
Subject: CVE-2025-24860: Apache Cassandra: CassandraNetworkAuthorizer
and CassandraCIDRAuthorizer can be bypassed allowing access to
different network regions
To: ,
Severity: mo
+dev@cassandra.apache.org
-- Forwarded message -
From: Paulo Motta
Date: Mon, Feb 3, 2025 at 6:19 PM
Subject: CVE-2025-23015: Apache Cassandra: User with MODIFY permission
on ALL KEYSPACES can escalate privileges to superuser via unsafe
actions
To: ,
Severity: moderate
Affecte
The Cassandra team is pleased to announce the release of Apache Cassandra
version 3.0.31.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
https://cassandra.apache.org/
Downloads of source
The Cassandra team is pleased to announce the release of Apache Cassandra
version 5.0.3.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
https://cassandra.apache.org/
Downloads of source a
The Cassandra team is pleased to announce the release of Apache Cassandra
version 4.1.8.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
https://cassandra.apache.org/
Downloads of source a
The Cassandra team is pleased to announce the release of Apache Cassandra
version 4.0.16.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
https://cassandra.apache.org/
Downloads of source
The Cassandra team is pleased to announce the release of Apache Cassandra
version 3.11.18.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
https://cassandra.apache.org/
Downloads of source
Correct, snapshotting is the way to go here via nodetool cms snapshot
But, you see? One more "problem" ... I bet my boots that in the majority of
cases this will be forgotten. Then we would need to put that JAR back just
to boot the cluster for the sake of snapshotting it.
On Mon, Feb 3, 2025 at
AFAIK the TCM replay issue you're describing (something is created and dropped
during replay, fails if can't create) applies to custom types and a few other
things, and one way around it is CMS snapshotting so replay doesn't start at
epoch 0; it wouldn't be safe to remove the trigger from the cl
+1
On Mon, Feb 3, 2025, at 1:33 PM, Blake Eggleston wrote:
> Hi dev@,
>
> I’d like to start the voting for CEP-45: Mutation Tracking
>
> Proposal:
> https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-45:+Mutation+Tracking
> Discussion: https://lists.apache.org/thread/0rstj4bzbb2596o5vw1m
Yes, you are right. In the "example", what is parsed from the configuration
file is the keyspace name and table name of an auditing table where all
partition updates for the respective table will be persisted.
However, still, I would not support that. The reasoning behind that is that
as soon as t
+1
> On Feb 3, 2025, at 10:33 AM, Blake Eggleston wrote:
>
> Hi dev@,
>
> I’d like to start the voting for CEP-45: Mutation Tracking
>
> Proposal:
> https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-45:+Mutation+Tracking
> Discussion: https://lists.apache.org/thread/0rstj4bzbb2596o5vw
Hi dev@,
I’d like to start the voting for CEP-45: Mutation Tracking
Proposal:
https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-45:+Mutation+Tracking
Discussion: https://lists.apache.org/thread/0rstj4bzbb2596o5vw1m863ofggdjc81
The vote will be open for 72 hours. A vote passes if there a
Thanks a lot Josh for those Jira filters!! I think they are going to be really
useful to avoid having hanging and stale tickets, reducing contributors
frustration for not getting the deserved attention.
It is great to see community activity growing!
Bernardo
> On Feb 3, 2025, at 9:35 AM, Josh
Welcome to February. An oddly spelled month with a peculiar and inconsistent
number of days.
*Releases:
*
We find ourselves in the somewhat odd place where release votes passed for 3.0,
3.11, and 4.0, however there were insufficient votes on 4.1 and 5.0 to release
those branches. Expect more to
I think it would be reasonable to copy the triggers. The ITrigger interface
provides a Partition with metadata() to find which table the original mutation
was issued for. In the example AuditTrigger, the destination audit table is
configurable but if a user attaches AuditTrigger to an existing t
Thank you everyone, then I will skip triggers.
Bernardo Botella 于2025年2月1日周六 07:01写道:
> +1 on skipping triggers if we can’t make sure that it will work in every
> scenario.
> The experience of copying a table and having a broken result is definitely
> something to avoid.
>
> Kind regards,
> Bern
17 matches
Mail list logo
