The Apache Qpid (http://qpid.apache.org) community is pleased to announce
the immediate availability of Apache Qpid Proton 0.22.0.
Apache Qpid Proton is a messaging library for the Advanced Message Queuing
Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, http://www.amqp.org). It can be used
in a wide range
The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit Oak. The release is available for download at:
http://jackrabbit.apache.org/downloads.html
See the full release notes below for details about this release:
Release Notes -- Apache Jackrabbit Oak -- Ver
CVE-2018-1284: Hive UDF series UDFXPath allow users to pass
carefully crafted XML to access arbitrary files
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions from 0.6.0
Description: Malicious user might use any xpath UDFs
(
CVE-2018-1282: JDBC driver is susceptible to SQL injection attack if
the input parameters are not properly cleaned
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions of Hive
JDBC driver from 0.7.1
Description: This vulnerability
CVE-2018-1315: 'COPY FROM FTP' statement in HPL/SQL can write to
arbitrary location if the FTP server is compromised
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected: Hive 2.1.0 to 2.3.2
Description: When 'COPY FROM FTP' statement is run using HPL/SQL extension to
Hiv