This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/zeppelin-site.git
The following commit(s) were added to refs/heads/asf-staging by this push:
new f6de60ca7 Automatic Site Publish by Buildbot
f6de60ca7 is described below
commit f6de60ca735f07323addfca840cdf07717c4dc9d
Author: buildbot <[email protected]>
AuthorDate: Sun Jul 27 12:50:58 2025 +0000
Automatic Site Publish by Buildbot
---
output/atom.xml | 2 +-
output/rss.xml | 4 ++--
output/security.html | 10 ++++++++--
3 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/output/atom.xml b/output/atom.xml
index d23340861..640bc165b 100644
--- a/output/atom.xml
+++ b/output/atom.xml
@@ -4,7 +4,7 @@
<title>Apache Zeppelin</title>
<link href="http://zeppelin.apache.org/"; rel="self"/>
<link href="http://zeppelin.apache.org"/>
- <updated>2025-07-27T12:46:45+00:00</updated>
+ <updated>2025-07-27T12:50:47+00:00</updated>
<id>http://zeppelin.apache.org</id>
<author>
<name>The Apache Software Foundation</name>
diff --git a/output/rss.xml b/output/rss.xml
index da8e6040f..e13452374 100644
--- a/output/rss.xml
+++ b/output/rss.xml
@@ -5,8 +5,8 @@
<description>Apache Zeppelin - The Apache Software
Foundation</description>
<link>http://zeppelin.apache.org</link>
<link>http://zeppelin.apache.org</link>
- <lastBuildDate>2025-07-27T12:46:45+00:00</lastBuildDate>
- <pubDate>2025-07-27T12:46:45+00:00</pubDate>
+ <lastBuildDate>2025-07-27T12:50:47+00:00</lastBuildDate>
+ <pubDate>2025-07-27T12:50:47+00:00</pubDate>
<ttl>1800</ttl>
diff --git a/output/security.html b/output/security.html
index 0351d4982..aca783dfa 100644
--- a/output/security.html
+++ b/output/security.html
@@ -234,9 +234,15 @@ executables could potentially be altered for malicious
purposes.
To mitigate this risk, it's recommended to set the paths to trusted
locations for these executables, such as PYTHON and SPARK_HOME.</p>
-<h1>Reporting security issues</h1>
+<h1>Known Security Issues</h1>
-<p>If you have found a potential security issue in Zeppelin,
+<p>It is always best to use the latest Apache Zeppelin <a
href="https://zeppelin.apache.org/download.html";>release</a>.
+A good place to check for CVE announcments is the <a
href="https://lists.apache.org/[email protected]";>Zeppelin users
mailing list</a>.
+Many third party sites maintain lists of CVEs by product. One example is <a
href="https://app.opencve.io/cve/?vendor=apache&product=zeppelin";>OpenCVE</a>.</p>
+
+<h1>Reporting Security Issues</h1>
+
+<p>If you have found a potential security issue in Apache Zeppelin,
such as a way to bypass the Shiro authentication,
we encourage you to report this problem at
<a href="mailto:[email protected]";>[email protected]</a>.
