Closed subhashiyer9 closed 1 year ago
Existing io.confluent_common:7.2.1 is bringing value of jackson.databind.version as 2.13.2 which is vulnerable.
Updating the version to 7.2.4-5 which uses jackson.databind.version as 2.13.4.2
All committers have signed the CLA.
Closing it in favour of #294
Problem
Existing io.confluent_common:7.2.1 is bringing value of jackson.databind.version as 2.13.2 which is vulnerable.
Solution
Updating the version to 7.2.4-5 which uses jackson.databind.version as 2.13.4.2
Does this solution apply anywhere else?
If yes, where?
Test Strategy
Testing done:
Release Plan
The resultant release version will be updated in https://github.com/confluentinc/kafka-connect-storage-cloud