[
https://issues.apache.org/jira/browse/FLINK-33149?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17776130#comment-17776130
]
Matthias Pohl commented on FLINK-33149:
---------------------------------------
Reverted the fixVersion change back to 1.18.0 (and added the other fix
version). The issue is resolved in 1.18.0 already. This Jira issues isn't
closed, yet, due to the open work on the connectors as far as I understand.
> Bump snappy-java to 1.1.10.4
> ----------------------------
>
> Key: FLINK-33149
> URL: https://issues.apache.org/jira/browse/FLINK-33149
> Project: Flink
> Issue Type: Bug
> Components: API / Core, Connectors / AWS, Connectors / HBase,
> Connectors / Kafka, Stateful Functions
> Affects Versions: 1.18.0, 1.16.3, 1.17.2
> Reporter: Ryan Skraba
> Assignee: Ryan Skraba
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.18.0, kafka-4.0.0, 1.16.3, 1.17.2
>
>
> Xerial published a security alert for a Denial of Service attack that [exists
> on
> 1.1.10.1|https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv].
> This is included in flink-dist, but also in flink-statefun, and several
> connectors.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
