Changelog for Google Cloud Storage Sink Connector for Confluent Platform

Version 10.1.12

  • Commons Configurations2 Update

Version 10.1.11

  • CVE Fixes: Version bumps for Commons, Jackson Databind, Bitbucket jose4j, Numbus

Version 10.1.10

No changes

Version 10.1.9

  • Multiple CVE fixes: CVE-2024-26308, CVE-2023-31582, CVE-2023-39410
  • [CC-24430] GCS sink connector to only accept required fields from customer provided credentials to avoid SSRF
  • Fix for CVEs : CC-23105, CC-25351

Version 10.1.8

  • Update Snappy Java to v1.1.10.5

Version 10.1.7

  • CC-20532, CC-20533, CC-20981, CC-21191: Fix CVEs

Version 10.1.6

  • Addressed CVE in net.minidev_json-smart (CVE-2023-1370)
  • Addressed CVE in org.yaml_snakeyaml (CVE-2022-1471)
  • Addressed CVE in org.codehaus.jettison_jettison (CVE-2023-1436)

Version 10.1.5

  • Added user agent header in GCS client

Version 10.1.4

  • Storage Common Bump from 10.0.12 to 10.0.19
  • Addressed CVE in jackson-databind
  • Addressed CVE in nimbus-jose-jwt (CVE-2021-31684)
  • Addressed CVE in commons-net (CVE-2021-37533)

Version 10.1.3

  • CC-19097: Remove Htrace dependency

Version 10.1.2

  • CC-18578: Updated Jettison to 1.5.2

Version 10.1.1

  • CCMSG-2331: CVE fix for woodstox-core dependency
  • CCMSG-2085, CCMSG-2215: Fix CVEs for jackson databind and SnakeYAML
  • CCMSG-2292: Bumped hadoop-common dependency version to 3.2.4
  • CCMSG-2292, CCMSG-2288: CVE fix for hadoop-common and Jettison dependency
  • Updated connect-plugins-common to 0.5.28

Version 10.1.0

  • CCMSG-2063: Added Content Encoding
  • RCCA-8828: Fixed rotate scheduler interval issue
  • CCMSG-2028: Bumped Hadoop to 2.10.2
  • CCMSG-2040: Updated HDFS dependency
  • CC-17631: Fixed Google Oauth-Client CVE
  • CC-17618: Migrated from confluent-log4j to reload4j
  • CCMSG-1817: Upgraded protobuf to 3.19.4 to resolve CVE
  • CCMSG-1799: Caught NoSuchMethodError when instantiating errant reporter
  • CC-9726: Added errant record reporter to GCS sink