[
https://issues.apache.org/jira/browse/FLINK-34955?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17834682#comment-17834682
]
Shilun Fan commented on FLINK-34955:
------------------------------------
[~gongzhongqiang] Of course, if upgrading is possible, it would be a positive
step forward. I think we should give it a try. I see that you have created the
relevant JIRA ticket, so you can go ahead and attempt it. Hopefully, it will be
successful.
> Upgrade commons-compress to 1.26.0
> ----------------------------------
>
> Key: FLINK-34955
> URL: https://issues.apache.org/jira/browse/FLINK-34955
> Project: Flink
> Issue Type: Improvement
> Reporter: Shilun Fan
> Assignee: Shilun Fan
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.18.2, 1.20.0, 1.19.1
>
>
> commons-compress 1.24.0 has CVE issues, try to upgrade to 1.26.0, we can
> refer to the maven link
> https://mvnrepository.com/artifact/org.apache.commons/commons-compress
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
