Hi, We have been using Avro for some time in the APEX policy engine (https://ericsson.github.io/apex-docs/) , which is now being introduced into the ONAP (https://www.onap.org/) Policy Framework.
The dependencies of Avro on Jackson have shown up as security vulnerabilities. We have noticed some issues already registered on this issue in the Avro JIRA, for example: AVRO-1126 AVRO-1605 We are wondering when a version of Avro will be released that resolve these issues? We could not see any release plan for Avro on the wiki or Avro web site. Best Regards Liam Fallon
