You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@avro.apache.org by "Martin Tzvetanov Grigorov (Jira)" <ji...@apache.org> on 2021/09/22 09:07:00 UTC
[jira] [Updated] (AVRO-3215) common-compress dependecy has security
vulnerabilities
[ https://issues.apache.org/jira/browse/AVRO-3215?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Tzvetanov Grigorov updated AVRO-3215:
--------------------------------------------
Release Note: (was: This is already fixed with https://github.com/apache/avro/pull/1290 (but it seems there was no JIRA ticket for it).)
> common-compress dependecy has security vulnerabilities
> -------------------------------------------------------
>
> Key: AVRO-3215
> URL: https://issues.apache.org/jira/browse/AVRO-3215
> Project: Apache Avro
> Issue Type: Bug
> Reporter: Xavier
> Priority: Major
> Fix For: 1.11.0
>
>
> Hi,
> The latest apache avro version 1.10.2 has dependecy on org.apache.commons:commons-compress:1.20 which has security vulnerabilities. Please upgrade to org.apache.commons:commons-compress:1.21
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)