[jira] [Updated] (FLINK-31216) Update kryo to current

Morey Straus (Jira) Fri, 24 Feb 2023 12:33:08 -0800


     [ 
https://issues.apache.org/jira/browse/FLINK-31216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Morey Straus updated FLINK-31216:
---------------------------------
    Description: kryo 2.24 is several years out of date and has a 
[deserialization 
vulnerability|https://github.com/EsotericSoftware/kryo/issues/942] associated 
with it.  Please update to current.  (was: kryo 2.24 is several years out of 
date and has a deserialization vulnerability associated with it.  Please update 
to current.)

> Update kryo to current
> ----------------------
>
>                 Key: FLINK-31216
>                 URL: https://issues.apache.org/jira/browse/FLINK-31216
>             Project: Flink
>          Issue Type: Technical Debt
>            Reporter: Morey Straus
>            Priority: Major
>              Labels: security
>
> kryo 2.24 is several years out of date and has a [deserialization 
> vulnerability|https://github.com/EsotericSoftware/kryo/issues/942] associated 
> with it.  Please update to current.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (FLINK-31216) Update kryo to current

Reply via email to