[ https://issues.apache.org/jira/browse/FLINK-21021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dian Fu reassigned FLINK-21021: ------------------------------- Assignee: Huang Xingbo > Bump Beam to 2.27.0 > ------------------- > > Key: FLINK-21021 > URL: https://issues.apache.org/jira/browse/FLINK-21021 > Project: Flink > Issue Type: Improvement > Components: API / Python > Reporter: Dian Fu > Assignee: Huang Xingbo > Priority: Critical > Fix For: 1.13.0 > > > The current Beam version (2.23.0) depends on Netty 4.1.42.Final which suffers > the following security issues: > https://nvd.nist.gov/vuln/detail/CVE-2020-11612, fixed in 4.1.46 > https://nvd.nist.gov/vuln/detail/CVE-2019-20445, fixed in 4.1.44 > https://nvd.nist.gov/vuln/detail/CVE-2019-20444, fixed in 4.1.44 > The latest Beam (2.27.0) depends on depends Netty 4.1.51.Final. Bump Beam > should address this issue. -- This message was sent by Atlassian Jira (v8.3.4#803005)