nishithakbhaskaran opened a new pull request, #11964: URL: https://github.com/apache/hudi/pull/11964
Upgrade httpclient version to 4.5.13 Upgrade avro version to 1.11.3 ### Change Logs This issue will address the below CVE from hudi-presto-bundle:0.14.0 jar https://nvd.nist.gov/vuln/detail/CVE-2023-39410 https://nvd.nist.gov/vuln/detail/CVE-2020-13956 ### Impact No user facing impacts ### Risk level (write none, low medium or high below) Included the new changes in presto and we haven't seen any regression issues ### Documentation Update None ### Contributor's checklist - [x] Read through [contributor's guide](https://hudi.apache.org/contribute/how-to-contribute) - [x] Change Logs and Impact were stated clearly - [x] Adequate tests were added if applicable - [ ] CI passed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
