Sets snappy-java version to 1.1.10.5
Relevant part of dependency tree now looks like this:
+- org.apache.kafka:connect-api:jar:3.3.1:compile
| +- org.apache.kafka:kafka-clients:jar:3.3.1:compile
| | +- com.github.luben:zstd-jni:jar:1.5.2-1:runtime
| | +- org.lz4:lz4-java:jar:1.8.0:runtime
| | - org.xerial.snappy:snappy-java:jar:1.1.10.5:runtime
| - javax.ws.rs:javax.ws.rs-api:jar:2.1.1:runtime
Takes care of recently found CVEs.
No issues found when running with "producer.override.compression.type": "snappy" on confluent platform with simple cdc enabled table.
Sets snappy-java version to 1.1.10.5 Relevant part of dependency tree now looks like this: +- org.apache.kafka:connect-api:jar:3.3.1:compile | +- org.apache.kafka:kafka-clients:jar:3.3.1:compile | | +- com.github.luben:zstd-jni:jar:1.5.2-1:runtime | | +- org.lz4:lz4-java:jar:1.8.0:runtime | | - org.xerial.snappy:snappy-java:jar:1.1.10.5:runtime | - javax.ws.rs:javax.ws.rs-api:jar:2.1.1:runtime