infvg opened a new pull request, #12138: URL: https://github.com/apache/hudi/pull/12138
Upgrade commons-io version to 1.11.4 Upgrade avro version to 1.11.4 Reference PR - https://github.com/apache/hudi/pull/11964 Change Logs This issue will address the below CVE from hudi-presto-bundle:0.14.0 jar https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47561 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47554 Impact No user facing impacts Risk level (write none, low medium or high below) Included the new changes in presto and we haven't seen any regression issues Documentation Update None Contributor's checklist Read through [contributor's guide](https://hudi.apache.org/contribute/how-to-contribute) Change Logs and Impact were stated clearly Adequate tests were added if applicable CI passed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
