Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

stevenzwu commented on PR #13561: URL: https://github.com/apache/iceberg/pull/13561#issuecomment-3084598816 thanks @liko9 for the fix and @ajantha-bhat @nandorKollar for the review -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitH

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

stevenzwu merged PR #13561: URL: https://github.com/apache/iceberg/pull/13561 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@iceberg

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2212319525 ## kafka-connect/build.gradle: ## @@ -262,4 +263,4 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-transforms') { test { useJUnitPlatform()

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

stevenzwu commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2211564032 ## kafka-connect/build.gradle: ## @@ -262,4 +263,4 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-transforms') { test { useJUnitPlatform() } -

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r225485 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

liko9 commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2211034266 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { extendsFr

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2210960084 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

liko9 commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2210793342 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { extendsFr

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

liko9 commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2210791202 ## kafka-connect/build.gradle: ## @@ -262,4 +267,4 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-transforms') { test { useJUnitPlatform() } -} R

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2209219898 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on PR #13561: URL: https://github.com/apache/iceberg/pull/13561#issuecomment-3076749023 I locally tried by just adding one line under existing `resolutionStrategy` and everything worked `force 'commons-beanutils:commons-beanutils:1.11.0'` Trivy also ran after

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2209219898 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2209219898 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2209218886 ## kafka-connect/build.gradle: ## @@ -64,9 +64,14 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-runtime') { configurations { hive { ex

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

ajantha-bhat commented on code in PR #13561: URL: https://github.com/apache/iceberg/pull/13561#discussion_r2209112111 ## kafka-connect/build.gradle: ## @@ -262,4 +267,4 @@ project(':iceberg-kafka-connect:iceberg-kafka-connect-transforms') { test { useJUnitPlatform()

Re: [PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

liko9 commented on PR #13561: URL: https://github.com/apache/iceberg/pull/13561#issuecomment-3075546768 resolves https://github.com/apache/iceberg/issues/13563 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL ab

[PR] kafka-connect: resolve CVE-2025-48734 [iceberg]

liko9 opened a new pull request, #13561: URL: https://github.com/apache/iceberg/pull/13561 removes commons-beanutils from non-hive deps, bump version to 1.11.0 to resolve CVE when using hive -- This is an automated message from the Apache Git Service. To respond to the message, please log