This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-staging in repository https://gitbox.apache.org/repos/asf/zeppelin-site.git
The following commit(s) were added to refs/heads/asf-staging by this push: new d4fb8f9a1 Automatic Site Publish by Buildbot d4fb8f9a1 is described below commit d4fb8f9a13b36ce645bc26953827cfcd645651e1 Author: buildbot <us...@infra.apache.org> AuthorDate: Tue Jul 8 06:19:51 2025 +0000 Automatic Site Publish by Buildbot --- output/atom.xml | 2 +- output/rss.xml | 4 ++-- output/security.html | 14 ++++++++++++-- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/output/atom.xml b/output/atom.xml index bba2ab337..6ff89d599 100644 --- a/output/atom.xml +++ b/output/atom.xml @@ -4,7 +4,7 @@ <title>Apache Zeppelin</title> <link href="http://zeppelin.apache.org/" rel="self"/> <link href="http://zeppelin.apache.org"/> - <updated>2025-06-29T14:04:41+00:00</updated> + <updated>2025-07-08T06:19:40+00:00</updated> <id>http://zeppelin.apache.org</id> <author> <name>The Apache Software Foundation</name> diff --git a/output/rss.xml b/output/rss.xml index c73cf8786..9167ecab8 100644 --- a/output/rss.xml +++ b/output/rss.xml @@ -5,8 +5,8 @@ <description>Apache Zeppelin - The Apache Software Foundation</description> <link>http://zeppelin.apache.org</link> <link>http://zeppelin.apache.org</link> - <lastBuildDate>2025-06-29T14:04:41+00:00</lastBuildDate> - <pubDate>2025-06-29T14:04:41+00:00</pubDate> + <lastBuildDate>2025-07-08T06:19:40+00:00</lastBuildDate> + <pubDate>2025-07-08T06:19:40+00:00</pubDate> <ttl>1800</ttl> diff --git a/output/security.html b/output/security.html index e0fc4260d..957d6a0e9 100644 --- a/output/security.html +++ b/output/security.html 
@@ -5,7 +5,7 @@ <head> <meta charset="utf-8"> <title>Security</title> - <meta name="description" content="This page explains what security characteristics can be expected from Zeppelin, what measures operators of a Zeppelin instance will have to take, and how to report any security issues found in the Zeppelin software."> + <meta name="description" content="This page explains what security characteristics can be expected from Apache Zeppelin, what measures operators of a Zeppelin instance will have to take, and how to report any security issues found in the Zeppelin software."> <meta name="author" content="The Apache Software Foundation"> <!-- Enable responsive viewport --> @@ -154,7 +154,7 @@ limitations under the License. <h1>Zeppelin Security</h1> <p>This page explains what security characteristics can be expected from -Zeppelin, what measures operators of a Zeppelin instance will have to +Apache Zeppelin, what measures operators of a Zeppelin instance will have to take, and how to report any security issues found in the Zeppelin software.</p> @@ -174,6 +174,16 @@ running the Zeppelin server. As generic interpreters such as sh, Groovy, Java and Python make this especially trivial, we plan to disable the sh interpreter by default from version 0.11.1 onward.</p> +<h3>JDBC Interpreter</h3> + +<p>This is the component that we get the most Security reports about. +Many JDBC drivers have support for specifying powerful query parameters in the +JDBC URLs. Many of the driver jars have security issues that are fixed in newer +versions. Zeppelin users should be very careful about which jars they add to their +Zeppelin deployments. Always use the latest available jars and ensure that you +set up Zeppelin on a secure network to stop malicious users gaining access to +your deployment (see below).</p> + <h3>Zeppelin on Docker</h3> <p>An exception to the above is when the Zeppelin interpreter
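Review bot: In output/rss.xml (hunk @@ -5,8 +5,8 @@) the unchanged context shows the element <link>http://zeppelin.apache.org</link> twice in a row, directly above the changed lastBuildDate and pubDate lines. The duplicate looks like a template slip and should be removed from the feed source so the channel carries a single link element. The only changes in this hunk are the two timestamps, so the fix belongs in the site template rather than in this generated output.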
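Review bot: The new JDBC Interpreter paragraph in output/security.html (hunk @@ -174,6 +174,16 @@) ends with "(see below)" but gives no link or section name, so a reader cannot tell which part of the page covers the secure network setup. Point it at the target heading with an anchor link. The paragraph warns about "powerful query parameters in the JDBC URLs" and about driver jars with known issues, yet the only concrete instruction is "Always use the latest available jars". A sentence stating who should be allowed to set the JDBC URL and to add driver jars would make the advice actionable for operators. "Security reports" is capitalised mid-sentence and should be lower case.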