capistrant commented on PR #18227: URL: https://github.com/apache/druid/pull/18227#issuecomment-3070985877
following up on this. For Druid 34 I don't think there is anything we can do but suppress. ranger extension users may legitimately need kafka for audits to keep working so excluding it could break the extension. If we are saying that we are providing contrib extensions as is, suppressing the CVE seems to be the only option. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
