Changelog for HDFS 2 Sink Connector for Confluent Platform

Version 10.2.12

  • PR-705 - CC-29504: Bumped kafka-connect-storage-common version to 11.2.20 to resolve CVE-2024-47561
  • PR-705 - CC-29566: Bumped kafka-connect-storage-common version to 11.2.20 to resolve CVE-2024-8184
  • PR-705 - CC-29601: Bumped velocity-engine-core dependency version to 2.4 to resolve CVE-2024-47554

Version 10.2.11

  • PR-704 - CC-29302: Bumped protobuf-java dependency version to 3.25.5 to resolve CVE-2024-7254
  • PR-704 - CC-29425: Bumped commons-io dependency version to 2.14.0 to resolve CVE-2024-47554

Version 10.2.10

  • PR-703 - CC-28069: Bumped tomcat-embed-core dependency version to 8.5.100 to resolve CVE-2021-30640, CVE-2021-33037, CVE-2021-42340, CVE-2022-23181, CVE-2022-25762, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2023-28708, CVE-2023-41080, CVE-2023-42795, CVE-2023-44487, CVE-2023-45648, CVE-2023-46589, CVE-2024-24549

Version 10.2.9

  • PR-702 - CC-27237: Bumped libthrift dependency version to 0.14.0 to resolve CVE-2020-13949
  • PR-702 - CC-27444: Bumped aircompressor dependency version to 0.27.0 to resolve CVE-2024-36114

Version 10.2.8

  • PR-700 - CC-27233: Bumped jetty-io dependency version to 9.4.53.v20231009 to resolve CVE-2023-44487, CVE-2023-36478, CVE-2023-41900, CVE-2023-40167 and CVE-2023-36479
  • PR-693 - CC-26341: Bumped jackson-databind dependency version to 2.16.1 to resolve CVE-2023-35116
  • PR-693 - CC-26342: Bumped nimbus-jose-jwt dependency version to 9.37.2 to resolve CVE-2023-52428
  • PR-693 - CC-26343: Excluded commons-httpclient dependency to resolve CVE-2020-13956
  • PR-693 - CC-26345: Bumped okio dependency version to 3.4.0 to resolve CVE-2023-3635
  • PR-693 - CC-26346: Bumped netty-codec-http dependency version to 4.1.108.Final to resolve CVE-2024-29025
  • PR-693 - CC-27071: Bumped avatica-core dependency version to 1.22.0 to resolve CVE-2022-36364

Version 10.2.7

  • PR-688 - CC-26117: Fixed CVE-2023-39410, CVE-2023-4586, CVE-2023-44487, CVE-2023-44981, CVE-2024-26308

Version 10.2.6

  • PR-677 - CC-23123 : Integrated Sonarqube code quality check
  • PR-678 - RCCA-16236: AVRO buffer loss fix on IOException

Version 10.2.5

  • PR-672 - Fixed CVE-2023-43642, CVE-2023-34455, CVE-2022-46751.

Version 10.2.4

Version 10.2.3

Version 10.2.2

  • PR-652 - Fixed CVE-2020-13956, CVE-2022-2343, CVE-2014-125087, CVE-2021-41973, CVE-2019-0231, CVE-2022-37865, CVE-2022-37866, CVE-2023-1370, CVE-2021-37533, CVE-2023-1436, CVE-2023-1370, CVE-2022-37865, CVE-2014-125087. Updated Ivy, commons-net, json-smart, mina-core and xmlbuilder.

Version 10.2.1

  • PR-656 - Fixed CVE-2022-40149, CVE-2022-40150, CVE-2022-40153, CVE-2022-42003, CVE-2022-42004.

Version 10.2.0

  • PR-651 - CCLOG-2401: Support for hierarchical ORC data and logical tpes.