[FLINK-29319] Upgrade Calcite version to 1.32 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.18.0
Component/s: Table SQL / API, Table SQL / Planner
Labels:
- pull-request-available

Description

This release fixes CVE-2022-39135, an XML External Entity (XEE) vulnerability that allows a SQL query to read the contents of files via the SQL functions EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM or EXTRACT_VALUE.

Coming 1 month after 1.31.0 with 19 issues fixed by 17 contributors, this release also replaces the ESRI spatial engine with JTS and proj4j, adds 65 spatial SQL functions including ST_Centroid, ST_Covers and ST_GeomFromGeoJSON, adds the CHAR SQL function, and improves the return type of the ARRAY and MULTISET functions.

Attachments

Issue Links

is related to

FLINK-20873 Upgrade Calcite version to 1.27

Closed

FLINK-21239 Upgrade Calcite version to 1.28

Closed

FLINK-28744 Upgrade Calcite version to 1.31

Closed

relates to

FLINK-31362 Upgrade to Calcite version to 1.33.0

Open

FLINK-27998 Upgrade Calcite version to 1.30

Closed

links to

GitHub Pull Request #22682

mentioned in: Page Loading...

(1 links to, 1 mentioned in)

Activity

People

Assignee:: Sergey Nuyanzin

Reporter:: Martijn Visser

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 16/Sep/22 08:39

Updated:: 10/Jul/23 14:38

Resolved:: 10/Jul/23 14:31