This is an automated email from the ASF dual-hosted git repository.
johncasey pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/beam.git
The following commit(s) were added to refs/heads/master by this push:
new a27282363aa Update confluent version to fix CVE-2024-26308
CVE-2024-25710 (#32674)
a27282363aa is described below
commit a27282363aa2b97dda96750f6d1cbf55ebd752ae
Author: Radosław Stankiewicz <[email protected]>
AuthorDate: Wed Dec 11 20:35:42 2024 +0100
Update confluent version to fix CVE-2024-26308 CVE-2024-25710 (#32674)
* bump confluent version
Kafka Schema Registry Client has been reported with following vuln
CVE-2024-26308
CVE-2024-25710 due to vulnerable dependencies.
* try slighly older version due to unmet dependencies to
ThrottlingQuotaExceededException
* try slighly older version due to unmet dependencies to
ThrottlingQuotaExceededException
* comment on version
---
sdks/java/io/kafka/build.gradle | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sdks/java/io/kafka/build.gradle b/sdks/java/io/kafka/build.gradle
index c2f056b0b7c..04563c478d6 100644
--- a/sdks/java/io/kafka/build.gradle
+++ b/sdks/java/io/kafka/build.gradle
@@ -31,7 +31,8 @@ enableJavaPerformanceTesting()
description = "Apache Beam :: SDKs :: Java :: IO :: Kafka"
ext {
summary = "Library to read Kafka topics."
- confluentVersion = "7.6.0"
+ // newer versions e.g. 7.6.* require dropping support for older kafka
versions.
+ confluentVersion = "7.5.5"
}
def kafkaVersions = [
