From 7ee60630fbf4e837879e4a4deb66b96724a73fc8 Mon Sep 17 00:00:00 2001 From: liferoad Date: Mon, 7 Apr 2025 20:53:07 -0400 Subject: [PATCH 1/2] try parquet_version 1.51.1 --- sdks/java/io/file-schema-transform/build.gradle | 2 +- sdks/java/io/iceberg/build.gradle | 2 +- sdks/java/io/parquet/build.gradle | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/sdks/java/io/file-schema-transform/build.gradle b/sdks/java/io/file-schema-transform/build.gradle index 31d4efa2f30e..23cfe3f1be96 100644 --- a/sdks/java/io/file-schema-transform/build.gradle +++ b/sdks/java/io/file-schema-transform/build.gradle @@ -32,7 +32,7 @@ configurations.implementation { } } -def parquet_version = "1.13.1" +def parquet_version = "1.15.1" dependencies { implementation library.java.avro diff --git a/sdks/java/io/iceberg/build.gradle b/sdks/java/io/iceberg/build.gradle index 011b44b4c1e9..741e8ee554f4 100644 --- a/sdks/java/io/iceberg/build.gradle +++ b/sdks/java/io/iceberg/build.gradle @@ -38,7 +38,7 @@ def hadoopVersions = [ hadoopVersions.each {kv -> configurations.create("hadoopVersion$kv.key")} def iceberg_version = "1.6.1" -def parquet_version = "1.12.0" +def parquet_version = "1.15.1" def orc_version = "1.9.2" def hive_version = "3.1.3" diff --git a/sdks/java/io/parquet/build.gradle b/sdks/java/io/parquet/build.gradle index d5f22b31cc56..9ed46a367735 100644 --- a/sdks/java/io/parquet/build.gradle +++ b/sdks/java/io/parquet/build.gradle @@ -35,7 +35,7 @@ def hadoopVersions = [ hadoopVersions.each {kv -> configurations.create("hadoopVersion$kv.key")} -def parquet_version = "1.13.1" +def parquet_version = "1.15.1" dependencies { implementation library.java.vendored_guava_32_1_2_jre From 558176338fd20b0d5df2642ef8902bac6f5c2d64 Mon Sep 17 00:00:00 2001 From: liferoad Date: Tue, 8 Apr 2025 11:28:06 -0400 Subject: [PATCH 2/2] updated CHANGES.md --- CHANGES.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index ad70c9c95ca3..fddd93b72750 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -50,7 +50,7 @@ * Fixed X (Java/Python) ([#X](https://github.com/apache/beam/issues/X)). ## Security Fixes -* Fixed (CVE-YYYY-NNNN)[https://www.cve.org/CVERecord?id=CVE-YYYY-NNNN] (Java/Python/Go) ([#X](https://github.com/apache/beam/issues/X)). +* Fixed [CVE-YYYY-NNNN](https://www.cve.org/CVERecord?id=CVE-YYYY-NNNN) (Java/Python/Go) ([#X](https://github.com/apache/beam/issues/X)). ## Known Issues @@ -88,7 +88,8 @@ * Fixed read Beam rows from cross-lang transform (for example, ReadFromJdbc) involving negative 32-bit integers incorrectly decoded to large integers ([#34089](https://github.com/apache/beam/issues/34089)) ## Security Fixes -* Fixed (CVE-YYYY-NNNN)[https://www.cve.org/CVERecord?id=CVE-YYYY-NNNN] (Java/Python/Go) ([#X](https://github.com/apache/beam/issues/X)). +* Fixed [CVE-YYYY-NNNN](https://www.cve.org/CVERecord?id=CVE-YYYY-NNNN) (Java/Python/Go) ([#X](https://github.com/apache/beam/issues/X)). +* Fixed [CVE-2025-30065](https://www.cve.org/CVERecord?id=CVE-2025-30065) (Java) ([#34573](https://github.com/apache/beam/pull/34573)) ## Known Issues