Ververica Platform 2.5.4¶

Release Date: TBD

Changelog
Upgrade

Changelog ¶

Vulnerability Fixes ¶

Updated Postgres dependency to resolve vulnerability CVE-2022-21724
Updated Apache Tomcat dependency to resolve vulnerabilities CVE-2021-42340 and CVE-2022-23181
Updated Netty dependency to resolve vulnerabilities CVE-2021-37136, CVE-2021-37137 and CVE-2021-43797
Updated Apache Commons Compress dependency to resolve vulnerabilities CVE-2021-35516, CVE-2021-35515, CVE-2021-36090 and CVE-2021-35517
Updated json-smart dependency to resolve vulnerability CVE-2021-27568
Updated Spring Cloud Gateway to resolve vulnerability CVE-2022-22947
Updated Jackson to resolve vulnerability CVE-2020-36518
Updated Gson to resolve vulnerability CVE-2022-25647
Updated Google OAuth client to resolve vulnerability CVE-2021-22573
Updated Hadoop to resolve vulnerability CVE-2021-37404
Updated Jetty to resolve CVE-2022-2048

Improvements ¶

Rest API ¶

Extended censoring to cover additional configuration keys and also apply to Deployment resources.

Event cleanup ¶

In case you configure a maximum number of events to keep, the limit will now be applied per deployment instead of per namespace. See event service configuration for more information.

Bug Fixes ¶

Fixed a serialization bug when specifying liveness/readiness probes with ports in kubernetes pod templates.
Fixed a bug concerning defaults merging of containers in kubernetes pod template specs.

Helm Charts ¶

It is now possible to configure custom pod annotations in the values.yaml file. See Custom Pod Annotations.

Upgrade ¶

We recommend upgrading via Helm using the following commands:

$ helm repo add ververica https://charts.ververica.com
$ helm repo update
$ helm upgrade [RELEASE] ververica/ververica-platform --version 5.1.4 --values custom-values.yaml