Revert "[fix][sec] Upgrade Debezium oracle connector version to avoid C…

…VE-2023-4586 (#22641)" This reverts commit 4a59536.
apache · May 7, 2024 · 0853ef1 · 0853ef1
1 parent 09364a9
commit 0853ef1
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/pom.xml b/pom.xml
@@ -198,7 +198,6 @@ flexible messaging model and an intuitive client API.</description>
     <opensearch.version>1.2.4</opensearch.version>
     <elasticsearch-java.version>8.12.1</elasticsearch-java.version>
     <debezium.version>1.9.7.Final</debezium.version>
-    <debezium.oracle.version>2.2.0.Final</debezium.oracle.version>
     <debezium.postgresql.version>42.5.0</debezium.postgresql.version>
     <debezium.mysql.version>8.0.30</debezium.mysql.version>
     <!-- Override version that brings CVE-2022-3143 with debezium -->

diff --git a/pulsar-io/debezium/oracle/pom.xml b/pulsar-io/debezium/oracle/pom.xml
@@ -48,8 +48,7 @@
     <dependency>
       <groupId>io.debezium</groupId>
       <artifactId>debezium-connector-oracle</artifactId>
-      <version>${debezium.oracle.version}</version>
-      <scope>runtime</scope>
+      <version>${debezium.version}</version>
     </dependency>
 
   </dependencies>