[
https://issues.apache.org/jira/browse/FLINK-36602?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thomas Cooper updated FLINK-36602:
----------------------------------
Description: The currently used Calcite version (1.32) has a high severity
vulnerability ([CVE-2023-1370|https://nvd.nist.gov/vuln/detail/CVE-2023-1370]).
This can be mitigated by upgrading to Calcite 1.37 or higher. As [1.38 has been
released|https://calcite.apache.org/news/2024/10/15/release-1.38.0/] we should
probably upgrade to that. (was: The currently used Calcite version (1.32) has
a high severity vulnerability
([CVE-2023-1370|https://nvd.nist.gov/vuln/detail/CVE-2023-1370]). This can be
mitigated by upgrading to Calcite 1.37 or higher. As 1.38 has been released we
should probably upgrade to that.)
> Upgrade Calcite version to 1.38.0
> ---------------------------------
>
> Key: FLINK-36602
> URL: https://issues.apache.org/jira/browse/FLINK-36602
> Project: Flink
> Issue Type: Improvement
> Components: Table SQL / API
> Affects Versions: 2.0-preview
> Reporter: Thomas Cooper
> Priority: Major
>
> The currently used Calcite version (1.32) has a high severity vulnerability
> ([CVE-2023-1370|https://nvd.nist.gov/vuln/detail/CVE-2023-1370]). This can be
> mitigated by upgrading to Calcite 1.37 or higher. As [1.38 has been
> released|https://calcite.apache.org/news/2024/10/15/release-1.38.0/] we
> should probably upgrade to that.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
