[FLINK-33238] Upgrade org.apache.avro:avro to 1.11.3 to mitigate CVE-2023-39410 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Technical Debt
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: kafka-3.1.0, 1.19.0, 1.18.1
Component/s: Connectors / Kafka, Formats (JSON, Avro, Parquet, ORC, SequenceFile)
Labels:
- pull-request-available

Description

We should update AVRO to 1.11.3 to avoid false-positives on CVE-2023-39410

Attachments

Issue Links

fixes

FLINK-33303 [flink-avro] Union type not inheriting type conversions

Closed

links to

GitHub Pull Request #59

GitHub Pull Request #23508

GitHub Pull Request #23559

Activity

People

Assignee:: Martijn Visser

Reporter:: Martijn Visser

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Oct/23 09:47

Updated:: 23/Oct/23 06:29

Resolved:: 23/Oct/23 06:29