Skip to content

Commit

Permalink
Update confluent version to fix CVE-2024-26308 CVE-2024-25710 (#32674)
Browse files Browse the repository at this point in the history
* bump confluent version

Kafka Schema Registry Client has been reported with following vuln 
CVE-2024-26308
CVE-2024-25710 due to vulnerable dependencies.

* try slighly older version due to unmet dependencies to ThrottlingQuotaExceededException

* try slighly older version due to unmet dependencies to ThrottlingQuotaExceededException

* comment on version
  • Loading branch information
stankiewicz authored Dec 11, 2024
1 parent e2ff659 commit a272823
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion sdks/java/io/kafka/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,8 @@ enableJavaPerformanceTesting()
description = "Apache Beam :: SDKs :: Java :: IO :: Kafka"
ext {
summary = "Library to read Kafka topics."
confluentVersion = "7.6.0"
// newer versions e.g. 7.6.* require dropping support for older kafka versions.
confluentVersion = "7.5.5"
}

def kafkaVersions = [
Expand Down

0 comments on commit a272823

Please sign in to comment.