senthh opened a new pull request, #12140:
URL: https://github.com/apache/hudi/pull/12140
### Change Logs
_Describe context and summary for this change. Highlight if any code was
copied._
Upgrade protobuf version to 3.25.5 to fix CVE-2024-7254
### Impact
_Describe any public API or user-facing feature change or any performance
impact._
protobuf version 3.17.* is having vulnerability CVE-2024-7254
### Risk level (write none, low medium or high below)
_If medium or high, explain what verification was done to mitigate the
risks._
High
### Documentation Update
Upgrade protobuf version to 3.25.5 to fix CVE-2024-7254
_Describe any necessary documentation update if there is any new feature,
config, or user-facing change. If not, put "none"._
- _The config description must be updated if new configs are added or the
default value of the configs are changed_
- _Any new feature or user-facing change requires updating the Hudi website.
Please create a Jira ticket, attach the
ticket number here and follow the
[instruction](https://hudi.apache.org/contribute/developer-setup#website) to
make
changes to the website._
### Contributor's checklist
- [ ] Read through [contributor's
guide](https://hudi.apache.org/contribute/how-to-contribute)
- [ ] Change Logs and Impact were stated clearly
- [ ] Adequate tests were added if applicable
- [ ] CI passed
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
