[NXP-32441] Upgrade Avro from 1.9.2 to 1.11.3 - Nuxeo Issue Tracker

XML

Word

Printable

Release Notes Summary:
Make sure custom Avro Schemas are registered.
Tags:
- SupCom
- nxplatform
Backlog priority:
900
Upgrade notes:

Hide

Avro library has been upgraded for security reason. The new version changes the Avro Schema definition and its fingerprints. Nuxeo is taking care of contributing old and new schemas to be backward compatible.
If you are defining custom Avro Schemas, they must be registered to ensure the backward compatibility.

Show
Avro library has been upgraded for security reason. The new version changes the Avro Schema definition and its fingerprints. Nuxeo is taking care of contributing old and new schemas to be backward compatible. If you are defining custom Avro Schemas, they must be registered to ensure the backward compatibility.
Sprint:
nxplatform #112
Story Points:
5

In order to fix CVE-2023-39410 we need to upgrade avro from 1.9.2 (or 1.11.1 for LTS 2023) to 1.11.3

depends on

NXP-32511 Missing Avro schemas for Document and Blob domain events

is related to

NXP-32142 Update avro.version