Uploaded image for project: 'Phoenix'
  1. Phoenix
  2. PHOENIX-6906

[phoenix-connectors] Upgrade kafka-client version used for phoenix-kafka due to CVE issues

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Won't Fix
    • None
    • None
    • kafka-connector
    • None

    Description

      The version of kafka-client used by phoenix-kafka has known CVE issues, refer to https://kafka.apache.org/cve-list . To get past the CVE issues this component should be upgraded to 3.4.0. Unfortunately this represents a major version upgrade and the current PhoenixConsumer and/or its test code must be significantly changed to accomodate it. After tinkering with PhoenixConsumerIT to deal with configuration changes (admin requires bootstrap.servers property) the consumer throws ConcurrentModificationExceptions, indicating the current threading model used by PhoenixConsumer is now no longer correct.

      Attachments

        Issue Links

          is superceded by

          Task - A task that needs to be done. PHOENIX-6935 Remove Phoenix Kafka connector

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              apurtell Andrew Kyle Purtell
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: