[
https://issues.apache.org/jira/browse/KAFKA-19739?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Patrik Nagy updated KAFKA-19739:
--------------------------------
Description:
In KAFKA-19359, the commons-beanutils transitive dependency was force bumped in
the project to avoid related CVEs. The commons-validator already has a new
release, which solves this problem.
The force bump does not exist on all lines, so deleting the workaround is only
needed on branches where applicable.
was:In KAFKA-19359, the commons-beanutils transitive dependency was force
bumped in the project to avoid related CVEs. The commons-validator already has
a new release, which solves this problem.
> Upgrade commons-validator to 1.10.0 and remove the forced commons-beanutils
> workaround if needed
> ------------------------------------------------------------------------------------------------
>
> Key: KAFKA-19739
> URL: https://issues.apache.org/jira/browse/KAFKA-19739
> Project: Kafka
> Issue Type: Task
> Reporter: Patrik Nagy
> Assignee: Patrik Nagy
> Priority: Major
>
> In KAFKA-19359, the commons-beanutils transitive dependency was force bumped
> in the project to avoid related CVEs. The commons-validator already has a new
> release, which solves this problem.
> The force bump does not exist on all lines, so deleting the workaround is
> only needed on branches where applicable.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
