From bc9b2523f016a546da6056eec8a584cd45493f84 Mon Sep 17 00:00:00 2001
From: Martijn Visser <mvisser@confluent.io>
Date: Wed, 11 Oct 2023 11:48:50 +0200
Subject: [PATCH] [FLINK-33238][Formats/Avro] Upgrade used AVRO version to
 1.11.3 to mitigate scanners flagging Flink or the Flink Kafka connector as
 vulnerable for CVE-2023-39410

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 96e4521bf..a9e40c56b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -68,7 +68,7 @@ under the License.
         <scala-reflect.version>2.12.7</scala-reflect.version>
         <scala-library.version>2.12.7</scala-library.version>
         <snappy-java.version>1.1.10.5</snappy-java.version>
-        <avro.version>1.11.1</avro.version>
+        <avro.version>1.11.3</avro.version>
 
         <japicmp.skip>false</japicmp.skip>
         <japicmp.referenceVersion>1.17.0</japicmp.referenceVersion>