Update AWS library versions

kellypug commented 2 years ago

Release notes

Update AWS Java SDK version to latest available, v1.12.290 to address CVE-2022-31159

What does this PR do?

Updates AWS Java SDK Version to v1.12.290 to address CVE-2022-31159 Update AWS Kinesis Client library version to v1.14.8 to pull newer version of jackson-databind library

Why is it important/What is the impact to the user?

Versions of AWS Java SK prior to v1.12.261 contains a vulnerability that potentially allows data to be downloaded to a directory outside the intended directory.

Checklist

[ ] My code follows the style guidelines of this project
[ ] I have commented my code, particularly in hard-to-understand areas
[ ] I have made corresponding changes to the documentation
[ ] I have made corresponding change to the default configuration files (and/or docker env variables)
[ ] I have added tests that prove my fix is effective or that my feature works

Author's Checklist

[ ]

How to test this PR locally

Related issues

Use cases

Screenshots

Logs

cla-checker-service[bot] commented 2 years ago

💚 CLA has been signed

kellypug commented 2 years ago

Signed agreement but isn't being picked up by check

kellypug commented 1 year ago

I've submitted another signed contributor agreement again

logstash-plugins / logstash-input-kinesis