Correction: 3.11.x users should upgrade to 3.11.10. 3.11.24 doesn’t exist. Yet.
> On 1 Feb 2021, at 18:22, Aleksey Yeschenko wrote:
>
> CVE-2020-17516: Apache Cassandra doesn't enforce encryption setting on
> inbound internode connections
>
> Severity:
> Important
>
> Vendor:
> The Apache Sof
This is fixed in config defaults in 3.11.10 or there is something else within
the code that fixes? (Are both patch and config change required?)
Can you share the Jira ticket? I'm not finding details on search.
Valerie
> On Feb 1, 2021, at 1:23 PM, Aleksey Yeschenko wrote:
>
> CVE-2020-17516:
CVE-2020-17516: Apache Cassandra doesn't enforce encryption setting on inbound
internode connections
Severity:
Important
Vendor:
The Apache Software Foundation
Versions Affected:
Cassandra 2.1.0 to 2.1.22
Cassandra 2.2.0 to 2.2.19
Cassandra 3.0.0 to 3.0.23
Cassandra 3.11.0 to 3.11.9
Descriptio
The Cassandra team is pleased to announce the release of Apache Cassandra
version 3.0.24.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
http://cassandra.apache.org/
Downloads of source a
The Cassandra team is pleased to announce the release of Apache Cassandra
version 3.11.10.
Apache Cassandra is a fully distributed database. It is the right choice
when you need scalability and high availability without compromising
performance.
http://cassandra.apache.org/
Downloads of source
