On 2/12/19 11:53 AM, Michael Shuler wrote: > https://issues.apache.org/jira/browse/CASSANDRA-14183 > > 2.1 NEWS.txt merged up: > https://github.com/apache/cassandra/blob/cassandra-2.1/NEWS.txt#L21-L28
I should have included that you can try simply replacing the jars in lib/ with the newer ones. Logging may break. If you are not using the logback SocketServer and ServerSocketReceiver components, the CVE doesn't affect your server with logback 1.1.3. -- Kind regards, Michael --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@cassandra.apache.org For additional commands, e-mail: user-h...@cassandra.apache.org
