Add support for Apache kafka version 3.4.0, due to high severity vulnerability (CVE-2023-25194)

[aozmen121]

Can you please add immediate support for apache kafka version 3.4.0. There is a vulnerability (remote code to execute java deserialization gadget chains on the Kafka connect) identified thats patches within Kafka version 3.4.0

Describe the bug
See CVE-2023-25194 - https://lists.apache.org/thread/vy1c7fqcdqvq5grcqp6q5jyyb302khyz

To Reproduce
Steps to reproduce the behaviour:
See CVE description - https://lists.apache.org/thread/vy1c7fqcdqvq5grcqp6q5jyyb302khyz

Expected behaviour
Patched vulnerability

Environment (please complete the following information):

• Strimzi version: 0.33.1
• Installation method: Helm chart
• Kubernetes cluster: Kubernetes

[aozmen121]

@scholzj Would you mind releasing a patched strimzi operator with the kafka version 3.4.0 support

[scholzj]

So, are you actually affected? I.e. do you have random people in your organization use the connector configuration overrides? Otherwise there us a fairly simple mitigation by setting connector.client.config.override.policy to None in your Connect configuration.

[scholzj]

FYI: We released 0.33.2 with Kafka 3.4.0.

[aozmen121]

@scholzj Thank you :)