chore: bump iceberg version (java)

fuyufjh commented 1 week ago

I hereby agree to the terms of the RisingWave Labs, Inc. Contributor License Agreement.

What's changed and what's your intention?

This is necessary to get rid of

✗ CRITICAL CVE-2024-47561 [Deserialization of Untrusted Data]
  | https://scout.docker.com/v/CVE-2024-47561
  | Affected range : <1.11.4
  | Fixed version  : 1.11.4
  | CVSS Score     : 9.8
  | CVSS Vector    : CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Due to the lack of test, cc @chenzl25 for double check.

Checklist

[ ] I have written necessary rustdoc comments
[ ] I have added necessary unit tests and integration tests
[ ] I have added test labels as necessary. See details.
[ ] I have added fuzzing tests or opened an issue to track them. (Optional, recommended for new SQL features #7934).
[ ] My PR contains breaking changes. (If it deprecates some features, please create a tracking issue to remove them in the future).
[ ] All checks passed in ./risedev check (or alias, ./risedev c)
[ ] My PR changes performance-critical code. (Please run macro/micro-benchmarks and show the results.)
[ ] My PR contains critical fixes that are necessary to be merged into the latest release. (Please check out the details)

Documentation

[ ] My PR needs documentation updates. (Please use the Release note section below to summarize the impact on users)

Release note

If this PR includes changes that directly affect users or other significant modifications relevant to the community, kindly draft a release note to provide a concise summary of these changes. Please prioritize highlighting the impact these changes will have on users.

chenzl25 commented 1 week ago

I will test this PR with Nessie, Polaris and Glue later.

chenzl25 commented 6 days ago

Let's merge https://github.com/risingwavelabs/risingwave/pull/19406 first before this PR. And then I can check whether polaris can work after bumping.

risingwavelabs / risingwave