[
https://issues.apache.org/jira/browse/HADOOP-19456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17928077#comment-17928077
]
PJ Fanning commented on HADOOP-19456:
-------------------------------------
Users with affected applications are recommended to upgrade kafka-clients to
version >=3.8.0, and set the JVM system property
"org.apache.kafka.automatic.config.providers=none".
Why are we not upgrading to v3.8.0 + ?
> Upgrade kafka to 3.7.2 to fix CVE-2024-31141
> --------------------------------------------
>
> Key: HADOOP-19456
> URL: https://issues.apache.org/jira/browse/HADOOP-19456
> Project: Hadoop Common
> Issue Type: Task
> Components: build
> Affects Versions: 3.4.1
> Reporter: Palakur Eshwitha Sai
> Assignee: Palakur Eshwitha Sai
> Priority: Major
>
> Upgrade kafka-clients to 3.7.2 to fix
> [https://nvd.nist.gov/vuln/detail/CVE-2024-31141]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
