FreeBSD: VID-53caf29b-9180-11ed-acbe-b42e991fc52e (CVE-2022-25857): cassandra3 -- multiple vulnerabilities

Cassandra tema reports: This release contains 6 security fixes including CVE-2022-24823: When Netty's multipart decoders are used local information disclosure can occur via the local system temporary directory CVE-2020-7238: Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. CVE-2019-2684: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE CVE-2022-25857: The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections. CVE-2022-42003: In FasterXML jackson-databind, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. CVE-2022-42004: In FasterXML jackson-databind, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.