(pulsar) 02/02: [fix][sec] Upgrade Avro to 1.11.4 to address CVE-2024-47561 (#23394)

Fri, 04 Oct 2024 05:39:30 -0700 

This is an automated email from the ASF dual-hosted git repository.

lhotari pushed a commit to branch branch-2.9
in repository https://gitbox.apache.org/repos/asf/pulsar.git

commit 8571e65a1af0df5058397cdb096e794b41a93258
Author: Lari Hotari <[email protected]>
AuthorDate: Fri Oct 4 02:15:47 2024 +0300

    [fix][sec] Upgrade Avro to 1.11.4 to address CVE-2024-47561 (#23394)
---
 distribution/server/src/assemble/LICENSE.bin.txt | 4 ++--
 pom.xml                                          | 2 +-
 pulsar-sql/presto-distribution/LICENSE           | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/distribution/server/src/assemble/LICENSE.bin.txt 
b/distribution/server/src/assemble/LICENSE.bin.txt
index 9a1c46bfaad..d9cdff85dca 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -489,8 +489,8 @@ The Apache Software License, Version 2.0
   * Jodah
     - net.jodah-typetools-0.5.0.jar
   * Apache Avro
-    - org.apache.avro-avro-1.11.3.jar
-    - org.apache.avro-avro-protobuf-1.11.3.jar
+    - org.apache.avro-avro-1.11.4.jar
+    - org.apache.avro-avro-protobuf-1.11.4.jar
   * Apache Curator
     - org.apache.curator-curator-client-5.1.0.jar
     - org.apache.curator-curator-framework-5.1.0.jar
diff --git a/pom.xml b/pom.xml
index 886993e880d..de28100e715 100644
--- a/pom.xml
+++ b/pom.xml
@@ -144,7 +144,7 @@ flexible messaging model and an intuitive client 
API.</description>
     <kafka-client.version>2.7.2</kafka-client.version>
     <rabbitmq-client.version>5.1.1</rabbitmq-client.version>
     <aws-sdk.version>1.11.774</aws-sdk.version>
-    <avro.version>1.11.3</avro.version>
+    <avro.version>1.11.4</avro.version>
     <joda.version>2.10.5</joda.version>
     <jclouds.version>2.5.0</jclouds.version>
     <guice.version>5.1.0</guice.version>
diff --git a/pulsar-sql/presto-distribution/LICENSE 
b/pulsar-sql/presto-distribution/LICENSE
index a88ed94849e..7a3db777dae 100644
--- a/pulsar-sql/presto-distribution/LICENSE
+++ b/pulsar-sql/presto-distribution/LICENSE
@@ -366,8 +366,8 @@ The Apache Software License, Version 2.0
   * Apache XBean :: Reflect
     - xbean-reflect-3.4.jar
   * Avro
-    - avro-1.11.3.jar
-    - avro-protobuf-1.11.3.jar
+    - avro-1.11.4.jar
+    - avro-protobuf-1.11.4.jar
   * Caffeine
     - caffeine-2.9.1.jar
   * Javax

Reply via email to