Please see the blogpost.
On 17/12/2021 06:59, casel.chen wrote:
I can NOT find flink 1.13.5 related jar in maven central repository,
did you upload them onto there already? Thanks!
At 2021-12-17 01:26:19, "Chesnay Schepler"<ches...@apache.org> wrote:
>The Apache Flink community has released emergency bugfix versions of
>Apache Flink for the 1.11, 1.12, 1.13 and 1.14 series.
>
>These releases include a version upgrade for Log4j to address
>[CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) and
>[CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046).
>
>We highly recommend all users to upgrade to the respective patch release.
>
>The releases are available for download at:
>https://flink.apache.org/downloads.html
>
>Please check out the release blog post for further details:
>https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html
>
>
>Regards,
>Chesnay