2.0.11 Fix CVE-2024-47561 in dependency

github-actions released this 17 Oct 12:12

· 1 commit to main since this release

This release fixes vulnerability CVE-2024-47561 by updating transitive dependency org.apache.avro:avro via org.apache.hadoop:hadoop-client.

Security

#76: Fixed vulnerability CVE-2024-47561 in org.apache.avro:avro

Dependency Updates

Compile Dependency Updates

Updated dnsjava:dnsjava:3.6.0 to 3.6.2
Removed io.airlift:aircompressor:0.27
Updated org.apache.avro:avro:1.11.3 to 1.12.0
Removed org.apache.commons:commons-compress:1.26.2
Updated org.apache.parquet:parquet-hadoop:1.14.1 to 1.14.3
Updated org.scala-lang:scala-library:2.13.14 to 2.13.15
Removed org.xerial.snappy:snappy-java:1.1.10.5

Test Dependency Updates

Updated nl.jqno.equalsverifier:equalsverifier:3.16.1 to 3.17.1
Updated org.hamcrest:hamcrest:2.2 to 3.0
Updated org.junit.jupiter:junit-jupiter:5.10.3 to 5.11.2
Updated org.mockito:mockito-core:5.12.0 to 5.14.2
Updated org.mockito:mockito-junit-jupiter:5.12.0 to 5.14.2

Assets 4