This is an automated email from the ASF dual-hosted git repository.
raulcd pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-site.git
The following commit(s) were added to refs/heads/main by this push:
new f4cc8b773e8 Website: Add blog post for 23.0.1 (#759)
f4cc8b773e8 is described below
commit f4cc8b773e8183235fbbbbea5a4493f03519b52e
Author: Raúl Cumplido <[email protected]>
AuthorDate: Tue Feb 17 12:31:00 2026 +0100
Website: Add blog post for 23.0.1 (#759)
Changelog can be found here:
https://arrow.apache.org/release/23.0.1.html#changelog
---------
Co-authored-by: Sutou Kouhei <[email protected]>
Co-authored-by: Antoine Pitrou <[email protected]>
---
_posts/2026-02-16-23.0.1-release.md | 98 +++++++++++++++++++++++++++++++++++++
1 file changed, 98 insertions(+)
diff --git a/_posts/2026-02-16-23.0.1-release.md
b/_posts/2026-02-16-23.0.1-release.md
new file mode 100644
index 00000000000..059190fceeb
--- /dev/null
+++ b/_posts/2026-02-16-23.0.1-release.md
@@ -0,0 +1,98 @@
+---
+layout: post
+title: "Apache Arrow 23.0.1 Release"
+date: "2026-02-16 00:00:00"
+author: pmc
+categories: [release]
+---
+<!--
+{% comment %}
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to you under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+{% endcomment %}
+-->
+
+
+The Apache Arrow team is pleased to announce the 23.0.1 release.
+It includes **a security fix for the C++ IPC file reader**, so be sure to
+read the relevant details below to see if you are affected.
+
+Apart from that, 23.0.1 is mostly a bugfix release that includes [**28
resolved issues**][1]
+on [**29 distinct commits**][2] from [**12 distinct contributors**][2].
+
+See the [Install Page](https://arrow.apache.org/install/) to
+learn how to get the libraries for your platform.
+
+The release notes below are not exhaustive and only expose selected highlights
+of the release. Many other bugfixes and improvements have been made: we refer
+you to the [complete changelog][3].
+
+## C++ notes
+
+* Fix possible OOB write in buffered IO
([GH-48311](https://github.com/apache/arrow/issues/48311)).
+
+### IPC
+
+#### CVE-2026-25087: Use After Free vulnerability in IPC file reader
+
+Fix a security issue can be triggered when reading an Arrow IPC file (but *not*
+an IPC stream) with pre-buffering enabled, if the IPC file contains data with
+variadic buffers (such as Binary View and String View data).
+
+Pre-buffering is disabled by default, so your code is vulnerable only if it
+enables it explicitly by calling `RecordBatchFileReader::PreBufferMetadata`.
+Affected Arrow C++ versions are 15.0.0 through 23.0.0. The fix integrated
+in 23.0.1 can also be separately viewed at
+[GH-48925](https://github.com/apache/arrow/pull/48925).
+
+See our [separate
announcement](https://lists.apache.org/thread/mpm4ld1qony30tchfpjtk5b11tcyvmwh)
+for further detail.
+
+#### Other fixes
+
+* Avoid memory blowup with excessive variadic buffer count in IPC
([GH-48900](https://github.com/apache/arrow/issues/48900)).
+
+### Gandiva
+
+* Fix passing CPU attributes to LLVM
([GH-48160](https://github.com/apache/arrow/issues/48160)).
+* Detect overflow in `repeat()`
([GH-49159](https://github.com/apache/arrow/issues/49159)).
+
+### Parquet
+
+* Avoid re-serializing footer for signature verification
([GH-48858](https://github.com/apache/arrow/issues/48858)).
+
+## Python notes
+
+* Added missing NOTICE.txt and LICENSE.txt to wheels
([GH-48983](https://github.com/apache/arrow/issues/48983)).
+* Some fixes for compatibility with newer Cython versions like
([GH-48965](https://github.com/apache/arrow/issues/48965)),
+ ([GH-49156](https://github.com/apache/arrow/issues/49156)) and
([GH-49138](https://github.com/apache/arrow/issues/49138)).
+
+## Ruby notes
+
+* Fix a bug where ``Arrow::ExecutePlan`` nodes may be Garbage Collected
([GH-48880](https://github.com/apache/arrow/issues/48880)).
+
+## R notes
+
+* Bump C++20 for R build infrastructure
([GH-48817](https://github.com/apache/arrow/issues/48817))
+ and fix some C++ 20 related compilation issues
([GH-48973](https://github.com/apache/arrow/issues/48973)).
+
+## Other modules and languages
+
+No general changes were made to the other libraries or languages.
+
+
+[1]: https://github.com/apache/arrow/milestone/73?closed=1
+[2]: {{ site.baseurl }}/release/23.0.1.html#contributors
+[3]: {{ site.baseurl }}/release/23.0.1.html#changelog
