This is an automated email from the ASF dual-hosted git repository.
1996fanrui pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/flink-connector-kafka.git
The following commit(s) were added to refs/heads/main by this push:
new aba208f6 [hotfix] Bump flink.version to 2.1.2
aba208f6 is described below
commit aba208f6b436b85cdb5c6f051ce29e29e482f96d
Author: Purushottam Sinha <[email protected]>
AuthorDate: Sat May 16 21:12:27 2026 +0530
[hotfix] Bump flink.version to 2.1.2
flink-runtime 2.1.2 pins org.lz4:lz4-java 1.10.3 (was 1.8.0), which
clears CVE-2025-12183 and CVE-2025-66566 from the test/provided
classpath. Patch-level Flink bump, no API changes expected.
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 06ac70c9..126e02bc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@ under the License.
<!-- Main Dependencies -->
<confluent.version>7.9.2</confluent.version>
- <flink.version>2.1.0</flink.version>
+ <flink.version>2.1.2</flink.version>
<kafka.version>4.2.0</kafka.version>
<!-- Other Dependencies -->
