, oleg,
Onur Karaman, Rajini Sivaram, siva santhalingam, Xavier Léauté, Xin Li
We welcome your help and feedback. For more information on how to
report problems,
and to get involved, visit the project website at http://kafka.apache.org/
Thank you!
Regards,
Rajini
, Matthias J. Sax,
Matthias Wessendorf, Max Zheng, Maytee Chinavanichkit, Mickael Maison,
Mikkin,
mulvenna, Narendra kumar, Nick Chiu, Onur Karaman, Panuwat Anawatmongkhon,
Paolo Patierno, parafiend, ppatierno, Prasanna Gautam, Radai Rosenblatt,
Rajini Sivaram, Randall Hauch, Richard Yu, RichardYuSTUG
- 0.11.0.2 or higher
- 1.0.0 or higher
Acknowledgements:
This issue was reported by Rajini Sivaram.
Regards,
Rajini
CVE-2018-1288: Authenticated Kafka clients may interfere with data
replication
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected:
Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to
0.11.0.2, 1.0.0
Description:
Authenticated Kafka users may per
Reftel, Manikumar Reddy, Manikumar Reddy O,
manjuapu, Mats Julian Olsen, Matthias J. Sax, Max Zheng, maytals,
Michael Arndt, Michael G. Noll, Mickael Maison, nafshartous, Nick Travers,
nixsticks, Paolo Patierno, parafiend, Patrik Erdes, Radai Rosenblatt,
Rajini Sivaram, Randall Hauch, ro7m, Robert