In currently latest version of twitter::chill, kryo-shaded 4.0.2 is used, which has security vulnerability BDSA-2016-1151: Allows DoS via Java Serialization API. And this security risk is fixed in kryo 5.3.0.
Is this possible to upgrade using the higher version kryo?
In currently latest version of twitter::chill, kryo-shaded 4.0.2 is used, which has security vulnerability BDSA-2016-1151: Allows DoS via Java Serialization API. And this security risk is fixed in kryo 5.3.0.
Is this possible to upgrade using the higher version kryo?