jolheiser/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
90d2986368
nixpkgs/pkgs
History
Red Davies 90d2986368 cassandra: 3.11.4 -> 3.11.9 
Reason: Fixes CVE-2020-13946 Apache Cassandra RMI Rebind Vulnerability

Description:
It is possible for a local attacker without access to the Apache Cassandra
process or configuration files to manipulate the RMI registry to perform a
man-in-the-middle attack and capture user names and passwords used to access
the JMX interface. The attacker can then use these credentials to access
the JMX interface and perform unauthorised operations.

Users should also be aware of CVE-2019-2684, a JRE vulnerability that enables
this issue to be exploited remotely.

3.11.x users should upgrade to 3.11.8
2020-11-24 20:24:32 -05:00
..
applications Merge pull request #103523 from r-ryantm/auto-update/rssguard 2020-11-24 02:59:45 +01:00
build-support referencesByPopularity: Don't use buildPackages at call-site 2020-11-24 02:55:40 +01:00
common-updater unstableUpdater: init 2020-11-21 11:28:45 +01:00
data Merge pull request #103779 from alexameen/fix_google_fonts_adobe_blank 2020-11-23 07:38:20 +01:00
desktops
development pythonPackages.asyncssh: Switch PyTestCheckHook, disable failing tests 2020-11-23 16:29:49 -08:00
games Merge pull request #102269 from pkern/terraria 2020-11-24 00:17:47 +01:00
misc seafile-shared: 7.0.8 -> 7.0.9 2020-11-23 20:41:08 +01:00
os-specific Merge pull request #93176 from oxalica/init/swapview 2020-11-23 11:24:59 -08:00
pkgs-lib
servers cassandra: 3.11.4 -> 3.11.9 2020-11-24 20:24:32 -05:00
shells dash: add patch to prevent code execution when noexec is set 2020-11-23 11:57:29 -08:00
stdenv
test
tools Merge pull request #103594 from r-ryantm/auto-update/yafaray-core 2020-11-24 02:30:54 +01:00
top-level referencesByPopularity: Don't use buildPackages at call-site 2020-11-24 02:55:40 +01:00