[ANNOUNCE] Apache Pulsar 3.3.2 released with important security fix for CVE-2024-47561

The Apache Pulsar team is proud to announce Apache Pulsar version 3.3.2. This release includes an important security fix for an RCE vulnerability in Avro Java SDK <1.11.4, CVE-2024-47561. The Avro Java SDK is included in Pulsar's server-side components as well as in the Pulsar Java client. All Pul

[ANNOUNCE] Apache Pulsar 3.0.7 released with important security fix for CVE-2024-47561

The Apache Pulsar team is proud to announce Apache Pulsar version 3.0.7. This release includes an important security fix for an RCE vulnerability in Avro Java SDK <1.11.4, CVE-2024-47561. The Avro Java SDK is included in Pulsar's server-side components as well as in the Pulsar Java client. All Pul

Re: [DISCUSS] Expediting Pulsar releases 3.0.7 and 3.3.2 due to critical RCE vulnerability in Avro Java SDK <1.11.4, CVE-2024-47561

Il giorno gio 3 ott 2024 alle ore 22:59 Lari Hotari ha scritto: > Dear Pulsar Community, > > There's a critical 9.3/10 level RCE vulnerability in Avro Java SDK > <1.11.4, CVE-2024-47561. > More details can be found in these resources: > - https://github.com/advisories/GHSA-r7pg-v2c8-mfg3 > - http