Ververica Platform 2.6.3

Release Date: 2022-05-04

Changelog

Apache Flink®

This release adds support for the patch releases 1.14.4 and 1.13.6 of Apache Flink®.

• For Stream Edition the following Apache Flink® Docker images are available. Please check Ververica Platform Docker Images for all available Apache Flink® images and additional tags.

  • 1.12.7-stream2-scala_2.11-java8
  • 1.12.7-stream2-scala_2.11-java11
  • 1.12.7-stream2-scala_2.12-java8
  • 1.12.7-stream2-scala_2.12-java11
  • 1.13.6-stream1-scala_2.11-java8
  • 1.13.6-stream1-scala_2.11-java11
  • 1.13.6-stream1-scala_2.12-java8
  • 1.13.6-stream1-scala_2.12-java11
  • 1.14.4-stream1-scala_2.11-java8
  • 1.14.4-stream1-scala_2.11-java11
  • 1.14.4-stream1-scala_2.12-java8
  • 1.14.4-stream1-scala_2.12-java11

• For Spring Edition the following / archives are available

  • flink-1.12.7-spring2-scala_2.11.tgz
  • flink-1.12.7-spring2-scala_2.12.tgz
  • flink-1.13.6-spring1-scala_2.11.tgz
  • flink-1.13.6-spring1-scala_2.12.tgz
  • flink-1.14.4-spring1-scala_2.11.tgz
  • flink-1.14.4-spring1-scala_2.12.tgz

Vulnerability Fixes

• Updated Postgres dependency to resolve vulnerability CVE-2022-21724
• Updated Apache Tomcat dependency to resolve vulnerabilities CVE-2021-42340 and CVE-2022-23181
• Updated Netty dependency to resolve vulnerabilities CVE-2021-37136, CVE-2021-37137 and CVE-2021-43797
• Updated Apache Commons Compress dependency to resolve vulnerabilities CVE-2021-35516, CVE-2021-35515, CVE-2021-36090 and CVE-2021-35517
• Updated Spring Boot to resolve vulnerabilities CVE-2022-22965, CVE-2022-22968
• Updated Spring Cloud Gateway to resolve vulnerability CVE-2022-22947
• Updated Jackson to resolve vulnerability CVE-2020-36518
• Updated protobuf-java to resolve vulnerability CVE-2021-22569
• Updated Gson to resolve vulnerability CVE-2022-25647

Improvements

Rest API

• Extended censoring to cover additional configuration keys and also apply to Deployment resources.

Bug Fixes

^^^^^^^^^

• Fixed a serialization bug when specifying liveness/readiness probes with ports in kubernetes pod templates.
• Fixed a bug concerning defaults merging of containers in kubernetes pod template specs.

Upgrade

We recommend upgrading via Helm using the following commands:

    helm repo add ververica https://charts.ververica.com
    helm repo update
    helm upgrade [RELEASE] ververica/ververica-platform --version 5.2.3 --values custom-values.yaml