The Apache Pulsar team is proud to announce Apache Pulsar version 3.0.7. This release includes an important security fix for an RCE vulnerability in Avro Java SDK <1.11.4, CVE-2024-47561. The Avro Java SDK is included in Pulsar's server-side components as well as in the Pulsar Java client. All Pulsar users are advised to upgrade to Apache Pulsar version 3.0.7 or 3.3.2. Please follow Pulsar Security Advisories for updated information: https://pulsar.apache.org/security/
Pulsar is a highly scalable, low latency messaging platform running on commodity hardware. It provides simple pub-sub semantics over topics, guaranteed at-least-once delivery of messages, automatic cursor management for subscribers, and cross-datacenter replication. For Pulsar release details and downloads, visit: https://pulsar.apache.org/download Apache Pulsar 3.0.7 artifacts are also available in Maven Central. Release Notes are at: https://pulsar.apache.org/release-notes/versioned/pulsar-3.0.7/ We would like to thank the contributors that made the release possible. Regards, The Pulsar Team
