This is an automated email from the ASF dual-hosted git repository.

martijnvisser pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/flink-web.git

commit 2802035a33bcd3049e56cd046edd6a48c8fdbf90
Author: Martijn Visser <mvis...@confluent.io>
AuthorDate: Tue Sep 19 12:53:35 2023 +0200

    Rebuild website
---
 .../index.html                                            | 15 +++++++++++++++
 content/security/index.html                               | 12 ++++++++++++
 content/zh/security/index.html                            | 12 ++++++++++++
 3 files changed, 39 insertions(+)

diff --git 
a/content/2023/09/19/stateful-functions-3.3.0-release-announcement/index.html 
b/content/2023/09/19/stateful-functions-3.3.0-release-announcement/index.html
index 308e1d295..268d8cd2a 100644
--- 
a/content/2023/09/19/stateful-functions-3.3.0-release-announcement/index.html
+++ 
b/content/2023/09/19/stateful-functions-3.3.0-release-announcement/index.html
@@ -890,6 +890,7 @@ https://github.com/alex-shpak/hugo-book
       <ul>
         <li><a href="#new-features">New Features</a>
           <ul>
+            <li><a href="#fixed-cve-2023-41834">Fixed CVE-2023-41834</a></li>
             <li><a href="#upgraded-flink-dependency-to-1162">Upgraded Flink 
dependency to 1.16.2</a></li>
           </ul>
         </li>
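Review bot: The added contents entry for `#fixed-cve-2023-41834` is nested under "New Features", so a security fix is presented as a feature. Consider giving it its own top-level entry (for example a "Security Fixes" heading) so that readers scanning the contents see the CVE without expanding the feature list. The second contents list later in this file carries the same entry and would need the same change.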
@@ -942,6 +943,19 @@ or <a 
href="https://issues.apache.org/jira/browse/FLINK";>JIRA</a>!</p>
   New Features
   <a class="anchor" href="#new-features">#</a>
 </h2>
+<h3 id="fixed-cve-2023-41834">
+  Fixed CVE-2023-41834
+  <a class="anchor" href="#fixed-cve-2023-41834">#</a>
+</h3>
+<p>Stateful Functions versions 3.1.0, 3.1.1 and 3.2.0 allowed HTTP header
+injection due to Improper Neutralization of CRLF Sequences. Attackers could
+potentially inject malicious content into the HTTP response that is
+sent to the user. This could include injecting a fake login form or
+other phishing content, or injecting malicious JavaScript code that
+can steal user credentials or perform other malicious actions on the
+user&rsquo;s behalf.</p>
+<p>Stateful Functions 3.3.0 has fixed this security vulnerability. More 
details can be found on the
+<a href="/security/">Security</a> page.</p>
 <h3 id="upgraded-flink-dependency-to-1162">
   Upgraded Flink dependency to 1.16.2
   <a class="anchor" href="#upgraded-flink-dependency-to-1162">#</a>
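Review bot: The added paragraph under `<h3 id="fixed-cve-2023-41834">` describes the impact but does not say which HTTP endpoint or input carries the CRLF sequence, so operators of 3.1.0, 3.1.1 or 3.2.0 cannot judge their exposure from the announcement alone. It also links only to the top of `/security/` instead of the CVE record or the fix commit that the security page lists. Suggest naming the affected component, linking the CVE id directly, and ending with an explicit instruction to upgrade to 3.3.0, matching the wording used in the security table.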
@@ -1005,6 +1019,7 @@ for a detailed list of changes and new features if you 
plan to upgrade your setu
       <ul>
         <li><a href="#new-features">New Features</a>
           <ul>
+            <li><a href="#fixed-cve-2023-41834">Fixed CVE-2023-41834</a></li>
             <li><a href="#upgraded-flink-dependency-to-1162">Upgraded Flink 
dependency to 1.16.2</a></li>
           </ul>
         </li>
diff --git a/content/security/index.html b/content/security/index.html
index db83026fe..07f74e89f 100644
--- a/content/security/index.html
+++ b/content/security/index.html
@@ -984,6 +984,18 @@ under the License.
                        Users are advised to upgrade to Flink 1.11.3 or 1.12.0 
or later versions.
                </td>
        </tr>
+       <tr>
+               <td>
+                       <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41834";>CVE-2023-41834</a>
+               </td>
+               <td>
+                       Flink Stateful Functions 3.1.0, 3.1.1, 3.2.0
+               </td>
+               <td>
+                       <a 
href="https://github.com/apache/flink-statefun/commit/b06c0a23a5a622d48efc8395699b2e4502bd92be";>Fixed
 in commit b06c0a23a5a622d48efc8395699b2e4502bd92be</a> <br>
+                       Users are advised to upgrade to Flink Stateful 
Functions 3.3.0 or later versions.
+               </td>
+       </tr>
 </table>
 <h2 id="frequently-asked-questions">
   Frequently Asked Questions
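Review bot: The new `<tr>` gives the CVE id, the affected versions and the fix commit, but nothing in the row says what the issue is. A short description in the third cell, such as the "HTTP header injection due to Improper Neutralization of CRLF Sequences" wording from the release announcement, would let the table be read on its own. The upgrade advice to 3.3.0 is consistent with the announcement text.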
diff --git a/content/zh/security/index.html b/content/zh/security/index.html
index 1f08f5d6b..50c3ee664 100644
--- a/content/zh/security/index.html
+++ b/content/zh/security/index.html
@@ -984,6 +984,18 @@ under the License.
                        Users are advised to upgrade to Flink 1.11.3 or 1.12.0 
or later versions.
                </td>
        </tr>
+       <tr>
+               <td>
+                       <a 
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41834";>CVE-2023-41834</a>
+               </td>
+               <td>
+                       Flink Stateful Functions 3.1.0, 3.1.1, 3.2.0
+               </td>
+               <td>
+                       <a 
href="https://github.com/apache/flink-statefun/commit/b06c0a23a5a622d48efc8395699b2e4502bd92be";>Fixed
 in commit b06c0a23a5a622d48efc8395699b2e4502bd92be</a> <br>
+                       Users are advised to upgrade to Flink Stateful 
Functions 3.3.0 or later versions.
+               </td>
+       </tr>
 </table>
 <h2 id="frequently-asked-questions">
   Frequently Asked Questions
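Review bot: The row added to `content/zh/security/index.html` is the same English text as the row in `content/security/index.html`, including "Users are advised to upgrade to Flink Stateful Functions 3.3.0 or later versions." The preceding context row is also in English, so this matches the existing page, but if the zh page is meant to be localized the advisory text should be translated. Since this commit is a site rebuild, that change belongs in the source content and not in the generated HTML.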
