[jira] [Created] (HIVE-25055) Improve the exception handling in HMSHandler
Zhihua Deng created HIVE-25055: -- Summary: Improve the exception handling in HMSHandler Key: HIVE-25055 URL: https://issues.apache.org/jira/browse/HIVE-25055 Project: Hive Issue Type: Improvement Components: Standalone Metastore Reporter: Zhihua Deng Assignee: Zhihua Deng -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (HIVE-25054) Upgrade jodd-core due to CVE-2018-21234
Abhay created HIVE-25054: Summary: Upgrade jodd-core due to CVE-2018-21234 Key: HIVE-25054 URL: https://issues.apache.org/jira/browse/HIVE-25054 Project: Hive Issue Type: Bug Components: Build Infrastructure Affects Versions: 3.1.2 Reporter: Abhay Assignee: Abhay Hive makes use of 3.5.2 version of the `jodd-core` library which is susceptible to CVE-2018-21234. Below is a description of that vulnerability. CVE-2018-21234 suppress Jodd before 5.0.4 performs Deserialization of Untrusted JSON Data when setClassMetadataName is set. CWE-502 Deserialization of Untrusted Data CVSSv2: Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3: Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References: MISC - https://github.com/oblac/jodd/commit/9bffc3913aeb8472c11bb543243004b4b4376f16MISC - https://github.com/oblac/jodd/compare/v5.0.3...v5.0.4MISC - https://github.com/oblac/jodd/issues/628Vulnerable Software & Versions: cpe:2.3:a:jodd:jodd:*:*:*:*:*:*:*:* versions up to (excluding) 5.0.4 This library needs to be upgraded. We use a couple of classes `JDateTime`([https://github.infra.cloudera.com/CDH/hive/blob/cdpd-master/ql/src/java/org/apache/hadoop/hive/ql/io/parquet/timestamp/NanoTimeUtils.java] ) and `HtmlEncoder`, which have either been deprecated and/or have been moved to a different package called jodd-util. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (HIVE-25053) Support explicit ROW value constructor in SQL statements
Stamatis Zampetakis created HIVE-25053: -- Summary: Support explicit ROW value constructor in SQL statements Key: HIVE-25053 URL: https://issues.apache.org/jira/browse/HIVE-25053 Project: Hive Issue Type: New Feature Components: Query Processor Reporter: Stamatis Zampetakis Currently, it is possible to create ROW type values by using the implicit syntax with parentheses. However, when the explicit ROW constructor is used a {{ParseException}} is raised. +Example+ {code:sql} CREATE TABLE person (id int, name string, age int); EXPLAIN CBO SELECT (id, name), (name, age) FROM person; EXPLAIN CBO SELECT ROW(id, name), ROW(name, age) FROM person; {code} The first select statement succeeds and returns the CBO plan while the second fails with the exception below: {noformat} org.apache.hadoop.hive.ql.parse.ParseException: line 3:19 cannot recognize input near 'ROW' '(' 'id' in select clause at org.apache.hadoop.hive.ql.parse.ParseDriver.parse(ParseDriver.java:125) at org.apache.hadoop.hive.ql.parse.ParseUtils.parse(ParseUtils.java:93) at org.apache.hadoop.hive.ql.parse.ParseUtils.parse(ParseUtils.java:85) at org.apache.hadoop.hive.ql.Compiler.parse(Compiler.java:169) at org.apache.hadoop.hive.ql.Compiler.compile(Compiler.java:102) at org.apache.hadoop.hive.ql.Driver.compile(Driver.java:492) at org.apache.hadoop.hive.ql.Driver.compileInternal(Driver.java:445) {noformat} -- This message was sent by Atlassian Jira (v8.3.4#803005)
CFP for ApacheCon 2021 closes in ONE WEEK
[You are receiving this because you're subscribed to one or more dev@ mailing lists for an Apache project, or the ApacheCon Announce list.] Time is running out to submit your talk for ApacheCon 2021. The Call for Presentations for ApacheCon @Home 2021, focused on Europe and North America time zones, closes May 3rd, and is at https://www.apachecon.com/acah2021/cfp.html The CFP for ApacheCon Asia, focused on Asia/Pacific time zones, is at https://apachecon.com/acasia2021/cfp.html and also closes on May 3rd. ApacheCon is our main event, featuring content from any and all of our projects, and is your best opportunity to get your project in front of the largest audience of enthusiasts. Please don't wait for the last minute. Get your talks in today! -- Rich Bowen, VP Conferences The Apache Software Foundation https://apachecon.com/ @apachecon
[jira] [Created] (HIVE-25052) Writing to Iceberg tables can fail when inserting empty result set
Marton Bod created HIVE-25052: - Summary: Writing to Iceberg tables can fail when inserting empty result set Key: HIVE-25052 URL: https://issues.apache.org/jira/browse/HIVE-25052 Project: Hive Issue Type: Bug Reporter: Marton Bod Assignee: Marton Bod -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (HIVE-25051) Callers can access uninitialized MessageBuilder instance causing NPE
Csaba Juhász created HIVE-25051: --- Summary: Callers can access uninitialized MessageBuilder instance causing NPE Key: HIVE-25051 URL: https://issues.apache.org/jira/browse/HIVE-25051 Project: Hive Issue Type: Bug Components: Standalone Metastore Reporter: Csaba Juhász Assignee: Csaba Juhász The creation of the singleton MessageBuilder instance is unsafe, threads can access the uninitialized instance. https://github.com/apache/hive/blob/326abf9685de39cf4f1b3222d84fe9cbc465710a/standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/messaging/MessageBuilder.java#L154 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (HIVE-25050) Disable 'hive.metastore.acid.truncate.usebase' config as it's introducing backward incompatible change
Denys Kuzmenko created HIVE-25050: - Summary: Disable 'hive.metastore.acid.truncate.usebase' config as it's introducing backward incompatible change Key: HIVE-25050 URL: https://issues.apache.org/jira/browse/HIVE-25050 Project: Hive Issue Type: Bug Reporter: Denys Kuzmenko -- This message was sent by Atlassian Jira (v8.3.4#803005)