Andrew Kyle Purtell created PHOENIX-6906:
--------------------------------------------
Summary: [phoenix-connectors] Upgrade kafka-client version used
for phoenix-kafka due to CVE issues
Key: PHOENIX-6906
URL: https://issues.apache.org/jira/browse/PHOENIX-6906
Project: Phoenix
Issue Type: Bug
Components: kafka-connector
Reporter: Andrew Kyle Purtell
The version of kafka-client used by phoenix-kafka has known CVE issues, refer
to https://kafka.apache.org/cve-list . To get past the CVE issues this
component should be upgraded to 3.4.0. Unfortunately this represents a major
version upgrade and the current PhoenixConsumer and/or its test code must be
significantly changed to accomodate it. After tinkering with PhoenixConsumerIT
to deal with configuration changes (admin requires bootstrap.servers property)
the consumer throws ConcurrentModificationExceptions, indicating the current
threading model used by PhoenixConsumer is now no longer correct.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
