search

confluentinc / kafka-connect-storage-common

Shared software among connectors that target distributed filesystems and cloud storage.
Other
5 stars 155 forks source link

CCMSG-2360 Update io.confluent:common to 7.2.4-5 version #293

Closed subhashiyer9 closed 1 year ago

subhashiyer9 commented 1 year ago

Problem

Existing io.confluent_common:7.2.1 is bringing value of jackson.databind.version as 2.13.2 which is vulnerable.

Solution

Updating the version to 7.2.4-5 which uses jackson.databind.version as 2.13.4.2

Does this solution apply anywhere else?
If yes, where?

Test Strategy

Testing done:

Release Plan

The resultant release version will be updated in https://github.com/confluentinc/kafka-connect-storage-cloud
CLAassistant commented 1 year ago

CLA assistant check
All committers have signed the CLA.

subhashiyer9 commented 1 year ago

Closing it in favour of #294