Thomas Cooper created FLINK-36593:
-------------------------------------

             Summary: Upgrade io.airlift:aircompressor to mitigate CVE
                 Key: FLINK-36593
                 URL: https://issues.apache.org/jira/browse/FLINK-36593
             Project: Flink
          Issue Type: Improvement
    Affects Versions: 2.0-preview
            Reporter: Thomas Cooper


The current version of the aircompressor library (0.21), used in the 
flink-runtime module, has a vulnerability: 
[CVE-2024-36114](https://nvd.nist.gov/vuln/detail/CVE-2024-36114).

This can be mitigated by upgrading to version 0.27 of the library.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to