[FLINK-36522] Bump mysql-connector-j version - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: kubernetes-operator-1.10.0
Fix Version/s: kubernetes-operator-1.10.0
Component/s: Kubernetes Operator
Labels:
- pull-request-available

Description

Bump the mysql-connector-j version to remediate vulnerability associated with this package.

Package info:
https://mvnrepository.com/artifact/com.mysql/mysql-connector-j/8.0.33

Vulnerability info:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22102

Proposed change solution:
Bump the version from 8.0.33 to 8.4.0

Attachments

Issue Links

is cloned by

FLINK-36528 Update org.apache.avro : avro dependency

Open

links to

GitHub Pull Request #898

Activity

People

Assignee:: Kartik Goyal

Reporter:: Kartik Goyal

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13/Oct/24 15:08

Updated:: 14/Oct/24 10:35

Resolved:: 14/Oct/24 09:50