[fix][sec] Upgrade Guava to 32.1.1 to address CVE-2023-2976

[poorbarcode]

Motivation

The OWASP dependency check failed. Link: https://github.com/apache/pulsar/actions/runs/5424405010/jobs/9865506786?pr=20698

Error:  Failed to execute goal org.owasp:dependency-check-maven:8.2.1:aggregate (default) on project pulsar: 
Error:  
Error:  One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '7.0': 
Error:  
Error:  canal.client-1.1.5.jar/META-INF/maven/com.google.guava/guava/pom.xml: CVE-2023-2976(7.1)
Error:  clickhouse-jdbc-0.4.6-all.jar/META-INF/maven/com.google.guava/guava/pom.xml: CVE-2023-2976(7.1)
Error:  
Error:  See the dependency-check report for more details.
Error:  -> [Help 1]
Error:  
Error:  To see the full stack trace of the errors, re-run Maven with the -e switch.
Error:  Re-run Maven using the -X switch to enable full debug logging.
Error:  
Error:  For more information about the errors and possible solutions, please read the following articles:
Error:  [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
Error:  
Error:  After correcting the problems, you can resume the build with the command
Error:    mvn <args> -rf :pulsar
Error: Process completed with exit code 1.

The PR #20459 has addressed CVE-2023-2976 3 weeks ago

In the doc of CVE-2023-2976, the version 32.0.1 is suggested now

Modifications

Upgrade Guava to 32.0.1

Documentation

• doc
• doc-required
• doc-not-needed
• doc-complete

Matching PR in forked repository

PR in forked repository: x

[lhotari]

Please use version 32.1.1-jre since 32.0.1-jre has broken Gradle metadata. See https://github.com/google/guava/releases

[poorbarcode]

@lhotari

Please use version 32.1.1-jre since 32.0.1-jre has broken Gradle metadata. See https://github.com/google/guava/releases

FIxed, please take a look again, thanks

[lhotari]

LGTM