1. 2023-09-29 [1] CVE-2023-39410: Apache Avro Java SDK: Memory when deserial avro-user Ryan Skraba 2. 2023-09-26 [1] [ANNOUNCE] Apache Avro 1.11.3 released avro-user Ryan Skraba