[fix][COM][dependency] upgrade avro dependency version from 1.11.4 to 1.11.5 for security fix

[v-kkhuang]

Search before asking

• I had searched in the issues and found no similar issues.

Linkis Component

• linkis-commons
• linkis-computation-governance
• linkis-dist
• linkis-engineconn-plugin
• linkis-extensions
• linkis-orchestrator
• linkis-public-enhancements
• linkis-spring-cloud-services
• linkis-web

Description

This is a security work order to upgrade the Apache Avro dependency version from 1.11.4 to 1.11.5 to address potential security vulnerabilities in the previous version.

Steps to reproduce

N/A - This is a preventive security upgrade.

Expected behavior

The project should use Avro 1.11.5 which includes security fixes and improvements.

Your environment

• Linkis version used: 1.18.0
• Environment name and version:
  • hadoop-3.3.4
  • hive-2.3.3
  • spark-2.4.3 / 3.3.0
  • scala-2.11.12 / 2.12.17
  • jdk 1.8.x_xx

Anything else

This is part of the security work order initiative to upgrade vulnerable dependencies in the Linkis project.

Are you willing to submit a PR?

• Yes I am willing to submit a PR!

[github-actions]

😊 Welcome to the Apache Linkis community!!

We are glad that you are contributing by opening this issue.

Please make sure to include all the relevant context.
We will be here shortly.

If you are interested in contributing to our website project, please let us know!
You can check out our contributing guide on
👉 How to Participate in Project Contribution.

Community

WeChat Assistant	WeChat Public Account

Mailing Lists

Name	Description	Subscribe	Unsubscribe	Archive
dev@linkis.apache.org	community activity information	subscribe	unsubscribe	archive