From 55562d57b2577e1df19e60473cd27b683d24d76e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 19 Sep 2024 22:51:11 +0000
Subject: [PATCH] fix: external/kinesis-asl-assembly/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
---
 external/kinesis-asl-assembly/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/external/kinesis-asl-assembly/pom.xml b/external/kinesis-asl-assembly/pom.xml
index 5a49358a84241..e8239cd13889e 100644
--- a/external/kinesis-asl-assembly/pom.xml
+++ b/external/kinesis-asl-assembly/pom.xml
@@ -62,7 +62,7 @@
     <dependency>
       <groupId>com.google.protobuf</groupId>
       <artifactId>protobuf-java</artifactId>
-      <version>2.6.1</version>
+      <version>3.25.5</version>
       <!-- 
          We are being explicit about version here and overriding the 
          spark default of 2.5.0 because KCL appears to have introduced