docs/content/posts/2023-09-19-release-statefun-3.3.0.md

authors:

martijnvisser: null name: Martijn Visser twitter: MartijnVisser82 date: “2023-09-19T08:00:00Z” title: Stateful Functions 3.3.0 Release Announcement

The Apache Flink community is excited to announce the release of Stateful Functions 3.3.0!

Stateful Functions is a cross-platform stack for building Stateful Serverless applications, making it radically simpler to develop scalable, consistent, and elastic distributed applications. This new release upgrades the Flink runtime to 1.16.2.

The binary distribution and source artifacts are now available on the updated [Downloads]({{< relref “downloads” >}}) page of the Flink website, and the most recent Java SDK, Python SDK,, GoLang SDK and JavaScript SDK distributions are available on Maven, PyPI, Github, and npm respectively. You can also find official StateFun Docker images of the new version on Dockerhub.

For more details, check the complete release notes and the updated documentation. We encourage you to download the release and share your feedback with the community through the [Flink mailing lists]({{< relref “community” >}}#mailing-lists) or JIRA!

New Features

Fixed CVE-2023-41834

Stateful Functions versions 3.1.0, 3.1.1 and 3.2.0 allowed HTTP header injection due to Improper Neutralization of CRLF Sequences. Attackers could potentially inject malicious content into the HTTP response that is sent to the user. This could include injecting a fake login form or other phishing content, or injecting malicious JavaScript code that can steal user credentials or perform other malicious actions on the user's behalf.

Stateful Functions 3.3.0 has fixed this security vulnerability. More details can be found on the [Security]({{< relref “security” >}}) page.

Upgraded Flink dependency to 1.16.2

Stateful Functions 3.3.0 runtime uses Flink 1.16.2 underneath. This means that Stateful Functions benefits from the latest improvements and stabilisations that went into Flink. For more information see Flink's release announcement.

Release Notes

Please review the release notes for a detailed list of changes and new features if you plan to upgrade your setup to Stateful Functions 3.3.0.

List of Contributors

Till Rohrmann, Mingmin Xu, Igal Shilman, Martijn Visser, Chesnay Schepler, SiddiqueAhmad, Galen Warren, Seth Wiesman, FilKarnicki, Tzu-Li (Gordon) Tai

If you’d like to get involved, we’re always looking for new contributors.