Ververica Platform 2.5.2

Release Date: 2021-10-05

Changelog

Apache Flink®

This release adds support for Apache Flink® 1.13.3.

Apache Flink® 1.13.3

Please check out the Apache Flink® 1.13.3 release announcement for details about this Apache Flink® release.

• For Stream Edition the following Apache Flink® Docker images are available. Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.

  • 1.13.3-stream1-scala_2.11-java8
  • 1.13.3-stream1-scala_2.11-java11
  • 1.13.3-stream1-scala_2.12-java8
  • 1.13.3-stream1-scala_2.12-java11

• For Spring Edition the following / archives are available

  • flink-1.13.3-spring1-scala_2.11.tgz
  • flink-1.13.3-spring1-scala_2.12.tgz

Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.

Vulnerability Fixes

The following security vulnerabilities have been fixed compared to 1.13.2-[stream|spring]1:

CVE-2021-35516, CVE-2021-35517, CVE-2021-36090

Bug Fixes

• DeploymentTargets can now be updated via PUT when authenticated with an ApiToken (Admin, Editor) or a BootstrapToken. Previously, this failed with a HTTP Return Code 403.

Vulnerability Fixes (outside of Apache Flink®)

The following security vulnerability in non-Flink components of Ververica Platform have been fixed compared to 2.5.1:

CVE-2020-28500, CVE-2021-22119, CVE-2021-23337, CVE-2021-33037, CVE-2021-34429, CVE-2021-42340

Upgrade

We recommend upgrading via Helm using the following commands:

    helm repo add ververica https://charts.ververica.com
    helm upgrade [RELEASE] ververica/ververica-platform --version 5.1.2 --values custom-values.yaml