Re: [VOTE] January 2024 PR of the Month

+1 for #34225. A lot of work went into that, and it really improves how the service works. From: Andrey Anshin Sent: Wednesday, February 28, 2024 8:58:37 AM To: dev@airflow.apache.org Subject: RE: [EXTERNAL] [COURRIEL EXTERNE] [VOTE] January 2024 PR of the Month

Re: [VOTE] January 2024 PR of the Month

+1 for #34225 That was long journey for complete the PR On Wed, 28 Feb 2024 at 01:36, Hussein Awala wrote: > +1 for #37058 > > On Tue, Feb 27, 2024 at 9:06 PM Scheffler Jens (XC-AS/EAE-ADA-T) > wrote: > > > Oh I totally missed #36797 - I was

CVE-2024-25128: Apache Airlfow Vulnerability: custom, long deprecated OpenID (NOT OIDC)

CVE-2024-25128: Vulnerability in custom, long deprecated OpenID (NOT OIDC) authentication method in Flask AppBuilder Severity: moderate Affected versions: - Apache Airflow before 2.8.2 Description: When Flask-AppBuilder configuration is set to ``AUTH_TYPE`` set to ``AUTH_OID``, it allows an