Upgrade dependencies to resolve vulnerabilities

manas-ctds · manas-ctds · commit 37cfc86cdbfc · 2025-12-18T17:29:53.000+05:30
diff --git a/pom.xml b/pom.xml
@@ -226,7 +226,7 @@ flexible messaging model and an intuitive client API.</description>
     <hbc-core.version>2.2.0</hbc-core.version>
     <cassandra.version>3.11.2</cassandra.version>
     <aerospike-client.version>4.5.0</aerospike-client.version>
-    <kafka-client.version>3.9.0</kafka-client.version>
+    <kafka-client.version>3.9.1</kafka-client.version>
     <rabbitmq-client.version>5.18.0</rabbitmq-client.version>
     <aws-sdk.version>1.12.788</aws-sdk.version>
     <aws-sdk2.version>2.32.28</aws-sdk2.version>
@@ -241,11 +241,11 @@ flexible messaging model and an intuitive client API.</description>
     <mariadb-jdbc.version>2.7.5</mariadb-jdbc.version>
     <openmldb-jdbc.version>0.4.4-hotfix1</openmldb-jdbc.version>
     <json-smart.version>2.5.2</json-smart.version>
-    <opensearch.version>2.16.0</opensearch.version>
+    <opensearch.version>2.19.4</opensearch.version>
     <debezium.version>3.2.0.Final</debezium.version>
     <elasticsearch-java.version>8.15.3</elasticsearch-java.version>
     <debezium.postgresql.version>42.7.7</debezium.postgresql.version>
-    <debezium.mysql.version>9.1.0</debezium.mysql.version>
+    <debezium.mysql.version>9.3.0</debezium.mysql.version>
     <!-- Override version that brings CVE-2022-3143 with debezium -->
     <wildfly-elytron.version>1.15.16.Final</wildfly-elytron.version>
     <jsonwebtoken.version>0.11.1</jsonwebtoken.version>
diff --git a/pulsar-common/pom.xml b/pulsar-common/pom.xml
@@ -225,7 +225,7 @@
     <dependency>
       <groupId>org.lz4</groupId>
       <artifactId>lz4-java</artifactId>
-      <version>1.5.0</version>
+      <version>1.8.1</version>
       <scope>test</scope>
     </dependency>
 
