Uploaded image for project: 'ORC'
  1. ORC
  2. ORC-2035

Upgrade protobuf-java to 3.25.5 on branch-1.9

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.9.7
    • 1.9.8
    • None
    • None

    Description

      iceberg-spark-runtime depends on ORC 1.9.7 whose protobuf-java 3.22.3 dependency has CVE-2024-7254.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #2452

          Activity

            People

              mauzhang Manu Zhang
              mauzhang Manu Zhang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: