--- Key Information Vulnerability ID: - CVE-2020-27216 Upgrade Version: - Upgraded from to to fix the vulnerability. Issue Tracking: - Jira Issue ID: BEAM-11227 Related Links: - Jira Issue Link: https://issues.apache.org/jira/browse/BEAM-11227 - GitHub Pull Request Link: https://github.com/apache/beam/pull/14028 Code Changes: - Updated gRPC version in the Beam project; this is a vendor dependency upgrade. To-Do Items: - Investigate some new link issues; details in memo. - Publish vendor gRPC to Beam’s release-artifacts. Additional Notes: - Vendor gRPC was installed locally in Jenkins, and most tests passed. Only BEAM-11922 and BEAM-11921 failed. If additional testing requirements for vendor gRPC arise, please inform the relevant responsible person.