[ https://issues.apache.org/jira/browse/FLINK-36643?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergey Nuyanzin updated FLINK-36643: ------------------------------------ Summary: Upgrade aws-java-sdk-core to 1.12.779 to fix vulnerability (was: Upgrade aws-java-sdk-core to 1.12.773+ to fix vulnerability) > Upgrade aws-java-sdk-core to 1.12.779 to fix vulnerability > ---------------------------------------------------------- > > Key: FLINK-36643 > URL: https://issues.apache.org/jira/browse/FLINK-36643 > Project: Flink > Issue Type: Improvement > Components: FileSystems > Affects Versions: 2.0.0 > Reporter: Thomas Cooper > Assignee: Thomas Cooper > Priority: Major > Labels: pull-request-available > Fix For: 2.0.0, 1.19.2, 1.20.1 > > > The current version of aws-java-sdk-core, used in the flink-s3-fs-base > module, has a high severity vulnerability > ([CVE-2024-21634|https://nvd.nist.gov/vuln/detail/CVE-2024-21634]). > To address this we need to update to version 1.12.773 or higher, 1.12.777 is > the current latest version. -- This message was sent by Atlassian Jira (v8.20.10#820010)