[
https://issues.apache.org/jira/browse/FLINK-33408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Zhou Shijie updated FLINK-33408:
--------------------------------
Description:
Fix the container vulnerability in
[CVE-2022-1471|https://github.com/advisories/GHSA-mjmj-j48q-9wg2] by upgrade
the SnakeYaml dependency version in flink-kubernetes module.
Upgrade the Kubernetes Client from 6.6.2 to 6.7.0, thereby upgrading the
version of snakeyaml, which the Kubernetes Client indirectly depends on, from
1.33 to 2.0.
was:
_Fix the container vulnerability in
[CVE-2022-1471|https://github.com/advisories/GHSA-mjmj-j48q-9wg2] by upgrade
the SnakeYaml Maven dependency in flink-kubernetes module._
Upgrade the Kubernetes Client from 6.6.2 to 6.7.0, thereby upgrading the
version of snakeyaml, which the Kubernetes Client indirectly depends on, from
1.33 to 2.0.
h4.
> Fixing the container vulnerability by upgrade the SnakeYaml Maven dependency
> in flink-kubernetes module.
> --------------------------------------------------------------------------------------------------------
>
> Key: FLINK-33408
> URL: https://issues.apache.org/jira/browse/FLINK-33408
> Project: Flink
> Issue Type: Improvement
> Components: Deployment / Kubernetes
> Affects Versions: 1.18.0
> Reporter: Zhou Shijie
> Priority: Major
> Labels: pull-request-available
>
> Fix the container vulnerability in
> [CVE-2022-1471|https://github.com/advisories/GHSA-mjmj-j48q-9wg2] by upgrade
> the SnakeYaml dependency version in flink-kubernetes module.
> Upgrade the Kubernetes Client from 6.6.2 to 6.7.0, thereby upgrading the
> version of snakeyaml, which the Kubernetes Client indirectly depends on, from
> 1.33 to 2.0.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
