We are aware of that; it was also mentioned in the blogpost.

On 17/12/2021 07:17, wenlong.lwl wrote:
Hi, @Chesnay Schepler <ches...@apache.org>  I want to forward a feedback
from the user mailing list, the jars of the new patch releases are not
available at the central maven repo. example:
https://mvnrepository.com/artifact/org.apache.flink/flink-streaming-java


Best,
Wenlong

On Fri, 17 Dec 2021 at 01:27, Chesnay Schepler <ches...@apache.org> wrote:

The Apache Flink community has released emergency bugfix versions of
Apache Flink for the 1.11, 1.12, 1.13 and 1.14 series.

These releases include a version upgrade for Log4j to address
[CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) and
[CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046).

We highly recommend all users to upgrade to the respective patch release.

The releases are available for download at:
https://flink.apache.org/downloads.html

Please check out the release blog post for further details:
https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html


Regards,
Chesnay


Reply via email to