nikhilerigila09 opened a new pull request, #22641: URL: https://github.com/apache/pulsar/pull/22641
Fixes https://github.com/apache/pulsar/issues/22626 ### Motivation Avoid CVE-2023-4586 ### Modifications Upgrade elasticsearch-java version to 8.12.1 which avoids `org.infinispan:infinispan-client-hotrod@14.0.4.Final` which has the vulnerability and uses `org.infinispan:infinispan-client-hotrod-jakarta@14.0.4.Final` instead, which has no vulnerabilities. ### Verifying this change - [X] Make sure that the change passes the CI checks. ### Does this pull request potentially affect one of the following parts: *If the box was checked, please highlight the changes* - [X] Dependencies (add or upgrade a dependency) - [ ] The public API - [ ] The schema - [ ] The default values of configurations - [ ] The threading model - [ ] The binary protocol - [ ] The REST endpoints - [ ] The admin CLI options - [ ] The metrics - [ ] Anything that affects deployment ### Documentation <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. --> - [ ] `doc` <!-- Your PR contains doc changes. --> - [ ] `doc-required` <!-- Your PR changes impact docs and you will update later --> - [X] `doc-not-needed` <!-- Your PR changes do not impact docs --> - [ ] `doc-complete` <!-- Docs have been already added --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
