[
https://issues.apache.org/jira/browse/FLINK-36510?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17908704#comment-17908704
]
Matthias Pohl commented on FLINK-36510:
---------------------------------------
I created FLINK-36979 as a release blocker and provided PRs for reverting the
version bumps in 1.19 and 1.20 considering that the release of 1.20.1 and
1.19.2 are currently discussed.
> Upgrade Pekko from 1.0.1 to 1.1.2
> ---------------------------------
>
> Key: FLINK-36510
> URL: https://issues.apache.org/jira/browse/FLINK-36510
> Project: Flink
> Issue Type: Technical Debt
> Components: Runtime / Coordination
> Affects Versions: 1.20.0, 1.19.1, 2.0-preview
> Reporter: Grace Grimwood
> Assignee: Grace Grimwood
> Priority: Major
> Labels: pull-request-available
> Fix For: 2.0.0, 1.19.2, 1.20.1
>
>
> Updates Pekko dependency to 1.1.2 which in turn upgrades Netty 3 to 4
> (addressing FLINK-29065 and removing several CVEs from Flink). Pekko 1.1 also
> upgrades other dependencies such as slf4j and Jackson. For more details see
> the [Pekko 1.1 release
> notes|https://pekko.apache.org/docs/pekko/current/release-notes/releases-1.1.html].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
