Ververica Platform 2.2.1
Release Date: 2020-09-21
Changelog
Apache Flink® 1.11.2
Vulnerability Fixes
- Please check the release notes of Flink 1.11.2 for a complete list of fixes and improvements.
- For Stream Edition the following Apache Flink® Docker images are available. Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.
1.11.2-stream1-scala_2.111.11.2-stream1-scala_2.12
- For Spring Edition the following Apache Flink® archives are available
Vulnerability Fixes
The following security vulnerabilities have been fixed compared to 1.11.1:
CVE-2019-20444, CVE-2019-20445 (https://nvd.nist.gov/vuln/detail/CVE-2019-20445), CVE-2020-10543, CVE-2020-10878 (https://nvd.nist.gov/vuln/detail/CVE-2020-10878), CVE-2020-11612, CVE-2020-12723 (https://nvd.nist.gov/vuln/detail/CVE-2020-12723)
Apache Flink® 1.10.2
- Please check the release notes of Flink 1.10.2 for a complete list of fixes and improvements.
- In addition to the fixes mentioned above, this release already contains a backport of FLINK-15467, which is not included in the latest upstream release of Apache Flink®.
- For Stream Edition the following Apache Flink® Docker images are available. Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.
1.10.2-stream1-scala_2.111.10.2-stream1-scala_2.12
- For Spring Edition the following Apache Flink® archives are available
Vulnerability Fixes
The following security vulnerabilities have been fixed compared to 1.10.1:
CVE-2019-20444, CVE-2019-20445 (https://nvd.nist.gov/vuln/detail/CVE-2019-20445), CVE-2020-10543, CVE-2020-10878 (https://nvd.nist.gov/vuln/detail/CVE-2020-10878), CVE-2020-11612, CVE-2020-12723 (https://nvd.nist.gov/vuln/detail/CVE-2020-12723)
Vulnerability Fixes
The following security vulnerability in non-Flink components of Ververica Platform have been fixed compared to 2.2.0:
CVE-2014-0114, CVE-2018-20200 (https://nvd.nist.gov/vuln/detail/CVE-2018-20200), CVE-2019-10086, CVE-2019-10172 (https://nvd.nist.gov/vuln/detail/CVE-2019-10172), CVE-2019-17638, CVE-2020-10543 (https://nvd.nist.gov/vuln/detail/CVE-2020-10543), CVE-2020-10878, CVE-2020-12723 (https://nvd.nist.gov/vuln/detail/CVE-2020-12723), CVE-2020-13934, CVE-2020-13935 (https://nvd.nist.gov/vuln/detail/CVE-2020-13935)
Charts
- The Ververica Platform Helm charts now support to attach additional custom volumes to the Ververica Platform containers. Please checkout the Helm charts default values for details. UPDATE 2020-10-27: Due to a misstep during the release publication process, this feature only became available with the 2.2.2 release. If you plan to use this feature, please make sure to use a Chart version greater or equal to 4.2.2.
Upgrade
We recommend upgrading via Helm using the following commands:
1 helm repo add ververica https://charts.ververica.com
2 helm upgrade [RELEASE] ververica/ververica-platform --version 4.2.1 --values custom-values.yaml