[ https://issues.apache.org/jira/browse/FLINK-34955?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17831639#comment-17831639 ]
Márton Balassi commented on FLINK-34955: ---------------------------------------- Thanks! Let us get this in quick and backport it to 1.19 and 1.18. > Upgrade commons-compress to 1.26.0 > ---------------------------------- > > Key: FLINK-34955 > URL: https://issues.apache.org/jira/browse/FLINK-34955 > Project: Flink > Issue Type: Improvement > Reporter: Shilun Fan > Priority: Major > Labels: pull-request-available > > commons-compress 1.24.0 has CVE issues, try to upgrade to 1.26.0, we can > refer to the maven link > https://mvnrepository.com/artifact/org.apache.commons/commons-compress -- This message was sent by Atlassian Jira (v8.20.10#820010)