Re: Vulnerability in libthrift library (CVE-2019-0205)

2021-10-05 Thread rammohan ganapavarapu
Thank you.

On Tue, Oct 5, 2021 at 9:19 AM Aaron Ploetz wrote:
> In reading the Jira ticket, I see this line:
>
> "a server or client may run into an endless loop *when fed with specific
> input data.*"
>
> That seems to suggest that if the cassandra.yaml contains start_rpc: false,
> you should b

Re: Vulnerability in libthrift library (CVE-2019-0205)

2021-10-05 Thread Aaron Ploetz
In reading the Jira ticket, I see this line:

"a server or client may run into an endless loop *when fed with specific input data.*"

That seems to suggest that if the cassandra.yaml contains start_rpc: false, you should be ok.

On Mon, Oct 4, 2021 at 8:12 PM rammohan ganapavarapu < rammohanga...@g

Re: Vulnerability in libthrift library (CVE-2019-0205)

2021-10-04 Thread rammohan ganapavarapu
We are not using thrift but the lib is there with Cassandra binary right? Does it cause any risk?

On Mon, Oct 4, 2021, 5:53 PM Erick Ramirez wrote:
> See https://issues.apache.org/jira/browse/CASSANDRA-15420. It only
> applies if you're still using Thrift in 2021. Cheers!
>

Re: Vulnerability in libthrift library (CVE-2019-0205)

2021-10-04 Thread Erick Ramirez
See https://issues.apache.org/jira/browse/CASSANDRA-15420. It only applies if you're still using Thrift in 2021. Cheers!

Vulnerability in libthrift library (CVE-2019-0205)

2021-10-04 Thread rammohan ganapavarapu
Hi,

There is this vulnerability (CVE-2019-0205) reported in the libthrift library using Cassandra version 3.11.6. What is the impact of this and what are the mitigation steps?

Thanks,
Ram