mehradpk opened a new pull request, #12010: URL: https://github.com/apache/hudi/pull/12010
Upgrade httpclient version to 4.5.13 Upgrade avro version to 1.11.3 **Reference PR** - https://github.com/apache/hudi/pull/11964 ### Change Logs This issue will address the below CVE from hudi-presto-bundle:0.14.0 jar https://nvd.nist.gov/vuln/detail/CVE-2023-39410 https://nvd.nist.gov/vuln/detail/CVE-2020-13956 ### Impact No user facing impacts ### Risk level (write none, low medium or high below) Included the new changes in presto and we haven't seen any regression issues ### Documentation Update None ### Contributor's checklist - [x] Read through [contributor's guide](https://hudi.apache.org/contribute/how-to-contribute) - [x] Change Logs and Impact were stated clearly - [x] Adequate tests were added if applicable - [ ] CI passed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@hudi.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
