[jira] [Resolved] (CALCITE-5232) Upgrade protobuf-java from 3.17.1 to 3.21.5

Julian Hyde (Jira) Thu, 11 Aug 2022 14:39:08 -0700


     [ 
https://issues.apache.org/jira/browse/CALCITE-5232?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Julian Hyde resolved CALCITE-5232.
----------------------------------
    Resolution: Fixed

Fixed in Calcite 
[87cf4b11|https://github.com/apache/calcite/commit/87cf4b11a42f21ded2e7732cfca3fba568412943].

> Upgrade protobuf-java from 3.17.1 to 3.21.5
> -------------------------------------------
>
>                 Key: CALCITE-5232
>                 URL: https://issues.apache.org/jira/browse/CALCITE-5232
>             Project: Calcite
>          Issue Type: Bug
>          Components: avatica, core
>    Affects Versions: 1.31.0, avatica-1.22.0
>            Reporter: Julian Hyde
>            Assignee: Julian Hyde
>            Priority: Major
>             Fix For: 1.32.0, avatica-1.23.0
>
>
> Upgrade protobuf-java in Calcite and Avatica.
> Some scanning tools say that the current version, 3.17.1, is affected by 
> [CVE-2021-22569|https://nvd.nist.gov/vuln/detail/CVE-2021-22569]. It is not, 
> but this upgrade makes those warnings go away.
> As for CALCITE-4626, we plan to upgrade both Avatica and Calcite, to keep 
> them on the same protobuf-java version.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (CALCITE-5232) Upgrade protobuf-java from 3.17.1 to 3.21.5

Reply via email to