[
https://issues.apache.org/jira/browse/AVRO-3215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17418573#comment-17418573
]
Martin Tzvetanov Grigorov commented on AVRO-3215:
-------------------------------------------------
There are talks to release 1.11.0 since some time. So it must be "soon" but I
don't know when exactly.
If you use Maven/Gradle you can override the version and your project will use
1.21. The security scanner will be happy too.
> common-compress dependecy has security vulnerabilities
> -------------------------------------------------------
>
> Key: AVRO-3215
> URL: https://issues.apache.org/jira/browse/AVRO-3215
> Project: Apache Avro
> Issue Type: Bug
> Reporter: Xavier
> Priority: Major
> Fix For: 1.11.0
>
>
> Hi,
> The latest apache avro version 1.10.2 has dependecy on
> org.apache.commons:commons-compress:1.20 which has security vulnerabilities.
> Please upgrade to org.apache.commons:commons-compress:1.21
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
