The Apache Calcite team is pleased to announce the release of Apache Calcite Avatica 1.20.0.
Avatica is a framework for building database drivers. Avatica defines a wire API and serialization mechanism for clients to communicate with a server as a proxy to a database. The reference Avatica client and server are implemented in Java and communicate over HTTP. Avatica is a sub-project of Apache Calcite. Apache Calcite Avatica 1.20.0 upgrades Log4j2 to version 2.15.0 (to address CVE-2021-44228), and makes the SPNEGO protocol much more efficient. For a full list of changes, please see the release notes: https://calcite.apache.org/avatica/docs/history.html#v1-20-0 The release is available here: https://calcite.apache.org/avatica/downloads/avatica.html We welcome your help and feedback. For more information on how to report problems and get involved, visit the project website at: https://calcite.apache.org/avatica/ or the Apache Calcite project website: https://calcite.apache.org/ Thanks to everyone involved. The Log4j issue only became known on Friday, and a half dozen Calcite committers and PMC members worked over the weekend to create a release to address this issue. We take your security seriously! Julian Hyde, on behalf of the Apache Calcite team
