CVE-2017-7669: Apache Hadoop privilege escalation
Severity: Critical
Vendor: The Apache Software Foundation
Versions affected: Hadoop 2.8.0, Hadoop 3.0.0-alpha1 and Hadoop 3.0.0-alpha2
Description:
The LinuxContainerExecutor runs docker commands as root with
insufficient input validation. When
Hi all,
The Apache Hadoop PMC has released version 3.0.0-alpha3.
This is a security release in the 3.0.0 release line. It consists of alpha2
plus security fixes, along with necessary build-related fixes. Users on
3.0.0-alpha1 and 3.0.0-alpha2 are encouraged to upgrade to 3.0.0-alpha3.
More