You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Sergey Nuyanzin (Jira)" <ji...@apache.org> on 2023/04/20 06:07:00 UTC

[jira] [Assigned] (FLINK-29319) Upgrade Calcite version to 1.32

     [ https://issues.apache.org/jira/browse/FLINK-29319?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sergey Nuyanzin reassigned FLINK-29319:
---------------------------------------

    Assignee: Sergey Nuyanzin

> Upgrade Calcite version to 1.32
> -------------------------------
>
>                 Key: FLINK-29319
>                 URL: https://issues.apache.org/jira/browse/FLINK-29319
>             Project: Flink
>          Issue Type: Improvement
>          Components: Table SQL / API, Table SQL / Planner
>            Reporter: Martijn Visser
>            Assignee: Sergey Nuyanzin
>            Priority: Major
>
> {code}
> This release fixes CVE-2022-39135, an XML External Entity (XEE) vulnerability that allows a SQL query to read the contents of files via the SQL functions EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM or EXTRACT_VALUE.
> Coming 1 month after 1.31.0 with 19 issues fixed by 17 contributors, this release also replaces the ESRI spatial engine with JTS and proj4j, adds 65 spatial SQL functions including ST_Centroid, ST_Covers and ST_GeomFromGeoJSON, adds the CHAR SQL function, and improves the return type of the ARRAY and MULTISET functions.{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)