flink-connectors icon indicating copy to clipboard operation
flink-connectors copied to clipboard

Published 20 hours ago verified publisher icon pravega

Update Flink version to avoid log4j2 vulnerability during build

Open crazyzhou opened this issue 2 years ago • 0 comments

Problem description To avoid the log4j-core jars with vulnerability CVE-2021-44228 being downloaded during the compilation of the project, we need to update the Flink dependency version.

We need to update like this:

Branch Flink version
master 1.15.0
r0.12-flink1.14 1.14.4
r0.12-flink1.13 1.13.6

Problem location gradle.properties

Suggestions for an improvement

crazyzhou avatar Jun 06 '22 02:06 crazyzhou