[
https://issues.apache.org/jira/browse/KAFKA-19739?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Patrik Nagy updated KAFKA-19739:
--------------------------------
Description:
In KAFKA-19359, the commons-beanutils transitive dependency was force bumped in
the project to avoid related CVEs. The commons-validator already has a new
release, which solves this problem:
[https://github.com/apache/commons-validator/tags]
The workaround could be deleted as part of the version bump.
was:
In KAFKA-19359, the commons-beanutils transitive dependency was force bumped in
the project to avoid related CVEs. The commons-validator already has a new
release, which solves this problem.
The force bump does not exist on all lines, so deleting the workaround is only
needed on branches where applicable.
> Upgrade commons-validator to 1.10.0
> -----------------------------------
>
> Key: KAFKA-19739
> URL: https://issues.apache.org/jira/browse/KAFKA-19739
> Project: Kafka
> Issue Type: Task
> Reporter: Patrik Nagy
> Assignee: Patrik Nagy
> Priority: Major
>
> In KAFKA-19359, the commons-beanutils transitive dependency was force bumped
> in the project to avoid related CVEs. The commons-validator already has a new
> release, which solves this problem:
> [https://github.com/apache/commons-validator/tags]
> The workaround could be deleted as part of the version bump.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
