From 45a6cc5f166c5807922ce0ec75ec6a92c2b28f22 Mon Sep 17 00:00:00 2001
From: Huy Vo <hvoam@amazon.com>
Date: Wed, 24 Apr 2024 15:44:51 -0700
Subject: [PATCH 1/2] Update website for patch release 0.38.2 and 0.37.3

---
 src/content/BlogPosts/blogPosts.yaml          |  8 +++
 ...elemetry-collector-v0.38.2-and-v0.37.3.mdx | 63 +++++++++++++++++++
 src/content/Downloads/downloads.yaml          | 12 ++++
 3 files changed, 83 insertions(+)
 create mode 100644 src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx

diff --git a/src/content/BlogPosts/blogPosts.yaml b/src/content/BlogPosts/blogPosts.yaml
index 5aef697ef..ead0912d2 100644
--- a/src/content/BlogPosts/blogPosts.yaml
+++ b/src/content/BlogPosts/blogPosts.yaml
@@ -6,6 +6,14 @@ description:
 path: /blog
 
 blogs:
+  - title: "AWS Distro for OpenTelemetry Collector v0.38.2 and v0.37.3 are now available"
+    author: "Huy Vo"
+    date: "24-April-2024"
+    body:
+      "AWS Distro for OpenTelemetry v0.38.2 and v0.37.3 are now available. You can download the latest AWS Distro for OpenTelemetry Collector images
+        from the Amazon Elastic Container Registry (Amazon ECR) Public Gallery."
+    link: "/docs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3"
+
   - title: "AWS Distro for OpenTelemetry EKS Add-on v0.94.1-eksbuild.1 is now available"
     author: "Bryan Aguilar"
     date: "20-March-2024"
diff --git a/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx b/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx
new file mode 100644
index 000000000..a4f7228c6
--- /dev/null
+++ b/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx
@@ -0,0 +1,63 @@
+---
+title: "AWS Distro for OpenTelemetry Collector v0.38.2 and v0.37.3"
+description: This blog post is the release announcement for ADOT Collector v0.38.2 and v0.37.3
+---
+
+import SectionSeparator from "components/MdxSectionSeparator/sectionSeparator.jsx";
+
+<SectionSeparator />
+
+[AWS Distro for OpenTelemetry (ADOT)](https://aws-otel.github.io/) Collector v0.38.2 and v0.37.3 now available.
+You can download the latest [ADOT Collector image](https://gallery.ecr.aws/aws-observability/aws-otel-collector) from the
+[Amazon Elastic Container Registry (Amazon ECR)](https://aws.amazon.com/ecr/) Public Gallery.
+
+<SectionSeparator />
+
+# Notice
+
+We are aware of a potential issue in the Go standard library prior to version 1.22.2, used by the AWS Distribution for OpenTelemetry (ADOT) Collector up to and including v0.38.1 and also v0.37.2.
+We have prepared two new releases of the ADOT Collector, v0.38.2 and v0.37.3 using Go 1.22.2. There are no functional changes from the previous patch versions. We recommend that customers update their
+ADOT Collector to at least v0.38.2 or v0.37.3 at the earliest opportunity. See https://aws-otel.github.io/docs/getting-started/collector for information on deploying the ADOT Collector.
+
+Reference: https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M
+
+We are aware of a potential issue in the `golang.org/x/net` module prior to version 0.23.0, used by the AWS Distribution for OpenTelemetry (ADOT) Collector up to and including v0.38.1 and also v0.37.2.
+We have prepared two new releases of the ADOT Collector, v0.38.2 and v0.37.3 using `golang.org/x/net@v0.24.0`. There are no functional changes from the previous patch versions. We recommend that customers update their
+ADOT Collector to at least v0.38.2 or v0.37.3 at the earliest opportunity. See https://aws-otel.github.io/docs/getting-started/collector for information on deploying the ADOT Collector.
+
+Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-45288
+
+We are aware of a potential issue in the `docker` module prior to version 25.0.5, used by the AWS Distribution for OpenTelemetry (ADOT) Collector up to and including v0.38.1 and also v0.37.2.
+We have prepared two new releases of the ADOT Collector, v0.38.2 and v0.37.3 using `docker@v25.0.5`. There are no functional changes from the previous patch versions. We recommend that customers update their
+ADOT Collector to at least v0.38.2 or v0.37.3 at the earliest opportunity. See https://aws-otel.github.io/docs/getting-started/collector for information on deploying the ADOT Collector.
+
+Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-29018
+
+**Release Highlights**
+
+- Recompile with Go 1.22.2 to mitigate CVE-2023-45288
+- Update `golang.org/x/net` to v0.24.0 to mitigate CVE-2023-45288
+- Update `docker` to v25.0.5 or v24.0.9 respectively to mitigate CVE-2024-29018
+
+Detailed release notes are on [GitHub](https://github.com/aws-observability/aws-otel-collector/releases).
+
+**Download**
+
+Detailed technical documentation is available on the [ADOT developer site](https://aws-otel.github.io/),
+and you can [download the distribution](https://aws-otel.github.io/download) from
+[GitHub](https://github.com/aws-observability/aws-otel-collector/releases/tag/v0.38.2).
+You can also download the latest [ADOT Collector image](https://gallery.ecr.aws/aws-observability/aws-otel-collector)
+from the [Amazon Elastic Container Registry (Amazon ECR)](https://aws.amazon.com/ecr/) Public Gallery.
+
+To learn more about how to use AWS Distro for OpenTelemetry (ADOT) to collect data for your observability solution,
+check out the hands-on [AWS Observability workshop](https://observability.workshop.aws/en/adot.html).
+Please file an [issue](https://github.com/aws-observability/aws-otel-community/issues) if you have any
+questions about the distribution, features, or its components.
+
+We also welcome you to participate in the [OpenTelemetry project](https://github.com/open-telemetry).
+The project was [approved for incubation](https://www.cncf.io/blog/2021/08/26/opentelemetry-becomes-a-cncf-incubating-project/) status
+in August 2021 by the Cloud Native Computing Foundation Technical Oversight Committee (CNCF TOC). Learn more about
+[AWS Distro for OpenTelemetry](https://aws.amazon.com/blogs/opensource/category/management-tools/aws-distro-for-opentelemetry/) on the
+[AWS Open Source Blog](https://aws.amazon.com/blogs/opensource/category/management-tools/aws-distro-for-opentelemetry/), where we announced
+the distribution’s [general availability for tracing](https://aws.amazon.com/blogs/opensource/aws-distro-for-opentelemetry-is-now-ga-for-tracing/) in September 2021
+and the distribution's [general availability for metrics](https://aws.amazon.com/blogs/opensource/aws-distro-for-opentelemetry-is-now-generally-available-for-metrics/) in May 2022.
diff --git a/src/content/Downloads/downloads.yaml b/src/content/Downloads/downloads.yaml
index aea057143..bab54434f 100644
--- a/src/content/Downloads/downloads.yaml
+++ b/src/content/Downloads/downloads.yaml
@@ -1,3 +1,15 @@
+- version: 'AWS Distro for OpenTelemetry Collector Version 0.38.2'
+  releaseDate: 'April-24-2024'
+  license: 'Apache-2.0'
+  releaseNotesLink: 'https://github.com/aws-observability/aws-otel-collector/releases/tag/v0.38.2'
+  documentationLink: 'https://github.com/aws-observability/aws-otel-collector/blob/v0.38.2/README.md'
+  downloadLink: 'https://gallery.ecr.aws/aws-observability/aws-otel-collector'
+- version: 'AWS Distro for OpenTelemetry Collector Version 0.37.3'
+  releaseDate: 'April-24-2024'
+  license: 'Apache-2.0'
+  releaseNotesLink: 'https://github.com/aws-observability/aws-otel-collector/releases/tag/v0.37.3'
+  documentationLink: 'https://github.com/aws-observability/aws-otel-collector/blob/v0.37.3/README.md'
+  downloadLink: 'https://gallery.ecr.aws/aws-observability/aws-otel-collector'
 - version: 'AWS Distro for OpenTelemetry Collector Version 0.38.1'
   releaseDate: 'March-08-2024'
   license: 'Apache-2.0'

From 43cc82d67cd3e378f1a7d9c54242f07860802d02 Mon Sep 17 00:00:00 2001
From: Huy Vo <hvoam@amazon.com>
Date: Wed, 24 Apr 2024 15:49:16 -0700
Subject: [PATCH 2/2] Add another version for docker in blog

---
 ...s-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx b/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx
index a4f7228c6..3563b9e17 100644
--- a/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx
+++ b/src/content/Blogs/ReleaseBlogs/aws-distro-for-opentelemetry-collector-v0.38.2-and-v0.37.3.mdx
@@ -28,7 +28,7 @@ ADOT Collector to at least v0.38.2 or v0.37.3 at the earliest opportunity. See h
 Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-45288
 
 We are aware of a potential issue in the `docker` module prior to version 25.0.5, used by the AWS Distribution for OpenTelemetry (ADOT) Collector up to and including v0.38.1 and also v0.37.2.
-We have prepared two new releases of the ADOT Collector, v0.38.2 and v0.37.3 using `docker@v25.0.5`. There are no functional changes from the previous patch versions. We recommend that customers update their
+We have prepared two new releases of the ADOT Collector, v0.38.2 and v0.37.3 using `docker@v25.0.5` and `docker@v24.0.9`. There are no functional changes from the previous patch versions. We recommend that customers update their
 ADOT Collector to at least v0.38.2 or v0.37.3 at the earliest opportunity. See https://aws-otel.github.io/docs/getting-started/collector for information on deploying the ADOT Collector.
 
 Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-29018