This is an automated email from the ASF dual-hosted git repository.
abhishekrb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 77580495d97 Fix CVE-2026-24308: Upgrade Apache ZooKeeper to 3.8.6
(#19135)
77580495d97 is described below
commit 77580495d971886822a2f5f34f669740bbf7a1a2
Author: Ashwin Tumma <[email protected]>
AuthorDate: Thu Mar 12 08:54:55 2026 -0700
Fix CVE-2026-24308: Upgrade Apache ZooKeeper to 3.8.6 (#19135)
Upgrades org.apache.zookeeper from 3.8.4 to 3.8.6 to remediate
CVE-2026-24308.
---------
Co-authored-by: Ashwin Tumma <[email protected]>
---
licenses.yaml | 2 +-
pom.xml | 3 +--
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/licenses.yaml b/licenses.yaml
index 32ad0c8a509..d7e892b3f69 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -2153,7 +2153,7 @@ name: Apache Zookeeper
license_category: binary
module: java-core
license_name: Apache License version 2.0
-version: 3.8.4
+version: 3.8.6
libraries:
- org.apache.zookeeper: zookeeper
- org.apache.zookeeper: zookeeper-jute
diff --git a/pom.xml b/pom.xml
index 71df4f4f244..b631bc4a9f0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -130,8 +130,7 @@
<httpclient.version>4.5.13</httpclient.version>
<okhttp.version>5.3.2</okhttp.version>
<kubernetes.client.version>25.0.0-legacy</kubernetes.client.version>
- <!-- When upgrading ZK, edit docs and integration tests as well
(integration-tests/docker-base/setup.sh) -->
- <zookeeper.version>3.8.4</zookeeper.version>
+ <zookeeper.version>3.8.6</zookeeper.version>
<checkerframework.version>3.48.1</checkerframework.version>
<com.google.apis.client.version>2.2.0</com.google.apis.client.version>
<com.google.http.client.apis.version>1.42.3</com.google.http.client.apis.version>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
