Skip to content

Upgrade avro to 1.11.3 to fix CVE-2023-39410#295

Merged
sidhdirenge merged 1 commit into
developfrom
jetski/fix-cve-2023-39410
Jul 2, 2026
Merged

Upgrade avro to 1.11.3 to fix CVE-2023-39410#295
sidhdirenge merged 1 commit into
developfrom
jetski/fix-cve-2023-39410

Conversation

@sidhdirenge

Copy link
Copy Markdown
Contributor

This PR upgrades avro to 1.11.3 to remediate CVE-2023-39410. It also updates the import of ImmutableList in BigQueryEventConsumer.java to standard Guava import, as the shaded avro package does not exist in 1.11.3.

@sidhdirenge sidhdirenge force-pushed the jetski/fix-cve-2023-39410 branch from 7a946f3 to f773c2b Compare June 18, 2026 05:17
@sidhdirenge sidhdirenge changed the title Upgrade avro to 1.11.3 to fix CVE-2023-39410 and fix imports Upgrade avro to 1.11.3 to fix CVE-2023-39410 Jul 2, 2026
@sidhdirenge sidhdirenge merged commit f3319b4 into develop Jul 2, 2026
9 checks passed
@sidhdirenge sidhdirenge deleted the jetski/fix-cve-2023-39410 branch July 2, 2026 11:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants