The Apache Arrow community is pleased to announce the 14.0.1 release.
It includes 2 resolved issues ([1]) since the 14.0.0 release.
The release is available now from our website and [2]:
http://arrow.apache.org/install/
Read about what's new in the release
https://arrow.apache.org/blog/2023/11/09/14.0.1-release/
This release solves the announced CVE-2023-47248:
PyArrow, PyArrow: Arbitrary code execution when loading a malicious
data file, see:
https://lists.apache.org/thread/7fy3r0qx0o63mj2ffhrt00wjvgtsc8lh
Changelog
https://arrow.apache.org/release/14.0.1.html
What is Apache Arrow?
---------------------
Apache Arrow is a columnar in-memory analytics layer designed to accelerate big
data. It houses a set of canonical in-memory representations of flat and
hierarchical data along with multiple language-bindings for structure
manipulation. It also provides low-overhead streaming and batch messaging,
zero-copy interprocess communication (IPC), and vectorized in-memory analytics
libraries.
Please report any feedback to the mailing lists ([3])
Regards,
The Apache Arrow community
[1]: https://github.com/apache/arrow/milestone/57?closed=1
[2]: https://www.apache.org/dyn/closer.cgi/arrow/arrow-14.0.1/
[3]: https://lists.apache.org/[email protected]
