[jira] [Resolved] (FLINK-36643) Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability

Sergey Nuyanzin (Jira) Wed, 04 Dec 2024 14:02:07 -0800


     [ 
https://issues.apache.org/jira/browse/FLINK-36643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sergey Nuyanzin resolved FLINK-36643.
-------------------------------------
    Resolution: Fixed

> Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability
> -----------------------------------------------------------
>
>                 Key: FLINK-36643
>                 URL: https://issues.apache.org/jira/browse/FLINK-36643
>             Project: Flink
>          Issue Type: Improvement
>          Components: FileSystems
>    Affects Versions: 2.0.0
>            Reporter: Thomas Cooper
>            Assignee: Thomas Cooper
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 2.0.0, 1.19.2, 1.20.1
>
>
> The current version of aws-java-sdk-core, used in the flink-s3-fs-base 
> module, has a high severity vulnerability 
> ([CVE-2024-21634|https://nvd.nist.gov/vuln/detail/CVE-2024-21634]). 
> To address this we need to update to version 1.12.773 or higher, 1.12.777 is 
> the current latest version.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (FLINK-36643) Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability

Reply via email to