"unsupported" means there won't be any more release, so no more patches whatsoever and you're on your own.
On Thu, Sep 1, 2016 at 12:09 AM, Anmol Sharma <anmolsharma....@gmail.com> wrote: > According to the download <http://cassandra.apache.org/download/> page, > Apache Cassandra 2.1 is supported with critical fixes only till Nov 2016 > and and Apache Cassandra 2.2 is supported till Nov 2016. > > I wanted to know what is the policy for such "unsupported" versions, > especially related to kernel vulnerabilities / security threats from > dependent libraries that are discovered after a project has reached the > "unsupported" stage? > > Will the upstream versions of Apache Cassandra 2.1 and 2.2 still receive > security updates / patches or is it entirely up to the end users to fix > these? > > Thanks, > Anmol >
