From 0dd71384959d30dedea59575c622c14d6d07cf94 Mon Sep 17 00:00:00 2001 From: Boxuan Li Date: Tue, 3 Oct 2023 21:14:51 -0700 Subject: [PATCH] Bump avro to 1.11.3 See CVE-2023-39410 for vulnerablity in avro 1.11.2 and below Signed-off-by: Boxuan Li (cherry picked from commit a70df84806f493bd7a762793474f0f8249190b1e) # Conflicts: # pom.xml --- pom.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 362fbfb6e1..da5712d7ae 100644 --- a/pom.xml +++ b/pom.xml @@ -57,6 +57,7 @@ 1.0.0,1.1.0-SNAPSHOT 3.5.7 + 1.11.3 1.10.0 5.10.0 4.11.0 @@ -743,7 +744,7 @@ org.apache.avro avro - 1.11.1 + ${avro.version} jboss-logging