Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-32441

Upgrade Avro from 1.9.2 to 1.11.3

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: In Review
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 2021.0
    • Fix Version/s: 2021.x
    • Component/s: Security
    • Tags:
    • Backlog priority:
      900
    • Sprint:
      nxplatform #112
    • Story Points:
      5

      Description

      In order to fix CVE-2023-39410 we need to upgrade avro from 1.9.2 (or 1.11.1 for LTS 2023) to 1.11.3

      https://github.com/advisories/GHSA-rhrv-645h-fjfh

        Attachments

          Issue Links

          depends on

          Bug - A problem which impairs or prevents the functions of the product. NXP-32511 Missing Avro schemas for Document and Blob domain events

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • In Review
          is related to

          Bug - A problem which impairs or prevents the functions of the product. NXP-32142 Update avro.version

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: