[jira] [Updated] (FLINK-36643) Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability

Thomas Cooper (Jira) Thu, 31 Oct 2024 08:25:41 -0700


     [ 
https://issues.apache.org/jira/browse/FLINK-36643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Thomas Cooper updated FLINK-36643:
----------------------------------
    Component/s: FileSystems

> Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability
> -----------------------------------------------------------
>
>                 Key: FLINK-36643
>                 URL: https://issues.apache.org/jira/browse/FLINK-36643
>             Project: Flink
>          Issue Type: Improvement
>          Components: FileSystems
>    Affects Versions: 2.0.0
>            Reporter: Thomas Cooper
>            Priority: Major
>
> The current version of aws-java-sdk-core, used in the flink-s3-fs-base 
> module, has a high severity vulnerability 
> ([CVE-2024-21634|https://nvd.nist.gov/vuln/detail/CVE-2024-21634]). 
> To address this we need to update to version 1.12.773 or higher, 1.12.777 is 
> the current latest version.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (FLINK-36643) Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability

Reply via email to