[
https://issues.apache.org/jira/browse/PHOENIX-6906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Istvan Toth resolved PHOENIX-6906.
----------------------------------
Resolution: Won't Fix
We have discussed this on the mailing list, and decided to drop the Kafka
connector due to lack of maintainers (and known users).
> [phoenix-connectors] Upgrade kafka-client version used for phoenix-kafka due
> to CVE issues
> ------------------------------------------------------------------------------------------
>
> Key: PHOENIX-6906
> URL: https://issues.apache.org/jira/browse/PHOENIX-6906
> Project: Phoenix
> Issue Type: Bug
> Components: kafka-connector
> Reporter: Andrew Kyle Purtell
> Priority: Major
>
> The version of kafka-client used by phoenix-kafka has known CVE issues, refer
> to https://kafka.apache.org/cve-list . To get past the CVE issues this
> component should be upgraded to 3.4.0. Unfortunately this represents a major
> version upgrade and the current PhoenixConsumer and/or its test code must be
> significantly changed to accomodate it. After tinkering with
> PhoenixConsumerIT to deal with configuration changes (admin requires
> bootstrap.servers property) the consumer throws
> ConcurrentModificationExceptions, indicating the current threading model used
> by PhoenixConsumer is now no longer correct.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
