NIFI-10384 Upgraded Avatica to 1.22.0 for Hive 3

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #6323.

nifi-dependency-check-maven/suppressions.xml

@@ -149,6 +149,11 @@
         <packageUrl regex="true">^pkg:maven/org\.apache\.calcite\/calcite-druid@.*$</packageUrl>
         <cve>CVE-2020-13955</cve>
     </suppress>
+    <suppress>
+        <notes>CVE-2020-13955 applies to Apache Calcite Core not Apache Calcite Avatica subproject</notes>
+        <packageUrl regex="true">^pkg:maven/org\.apache\.calcite\.avatica\/avatica(-metrics)?@.*$</packageUrl>
+        <cve>CVE-2020-13955</cve>
+    </suppress>
     <suppress>
         <notes>OpenTSDB vulnerabilities do not apply to HBase Async library</notes>
         <packageUrl regex="true">^pkg:maven/org\.hbase/asynchbase@.*$</packageUrl>

nifi-nar-bundles/nifi-hive-bundle/pom.xml

@@ -61,6 +61,12 @@
                 <artifactId>calcite-core</artifactId>
                 <version>${calcite.version}</version>
             </dependency>
+            <!-- Override Apache Calcite Avatica subproject version for Hive 3 -->
+            <dependency>
+                <groupId>org.apache.calcite.avatica</groupId>
+                <artifactId>avatica</artifactId>
+                <version>${avatica.version}</version>
+            </dependency>
             <!-- Override snakeyaml:1.17 -->
             <dependency>
                 <groupId>org.yaml</groupId>
@@ -113,6 +119,7 @@
         <hive12.hadoop.version>2.6.2</hive12.hadoop.version>
         <hive3.version>3.1.3</hive3.version>
         <hive.version>${hive3.version}</hive.version>
+        <avatica.version>1.22.0</avatica.version>
         <calcite.version>1.31.0</calcite.version>
         <calcite.avatica.version>1.6.0</calcite.avatica.version>
     </properties>