[SECURITY] CVE-2018-11777: Blocking local resource access in HiveServer2

CVE-2018-11777: Blocking local resource access in HiveServer2 Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all versions of Hive, including 2.3.3, 3.1.0 and earlier Description: Local resources on HiveServer2 machines are not properly

[SECURITY] CVE-2018-1314: Hive explain query not being authorized

CVE-2018-1314: Hive explain query not being authorized Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all versions of Hive, including 2.3.3, 3.1.0 and earlier Description: Hive "EXPLAIN" operation does not check for necessary

[ANNOUNCE] Apache Hive 2.3.4 Released

The Apache Hive team is proud to announce the release of Apache Hive version 2.3.4. The Apache Hive (TM) data warehouse software facilitates querying and managing large datasets residing in distributed storage. Built on top of Apache Hadoop (TM), it provides, among others: * Tools to enable easy

[ANNOUNCE] Apache Hive 3.1.1 Released

The Apache Hive team is proud to announce the release of Apache Hive version 3.1.1. The Apache Hive (TM) data warehouse software facilitates querying and managing large datasets residing in distributed storage. Built on top of Apache Hadoop (TM), it provides, among others: * Tools to enable easy

Re: Incorrect Release Notes for Hive-2.3.3

Yes, I cleared fixed version from the Jiras. It should be fixed. Thanks, Daniel From: Oleksiy S Reply-To: "user@hive.apache.org" Date: Friday, October 5, 2018 at 5:02 AM To: "d...@hive.apache.org" , "user@hive.apache.org" Subject: Re: Incorrect Release Notes for Hive-2.3.3 Guys any updates?

[SECURITY] CVE-2018-1284: Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access arbitrary files

CVE-2018-1284: Hive UDF series UDFXPath allow users to pass carefully crafted XML to access arbitrary files Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all versions from 0.6.0 Description: Malicious user might use any xpath UDFs

[SECURITY] CVE-2018-1282 JDBC driver is susceptible to SQL injection attack if the input parameters are not properly cleaned

CVE-2018-1282: JDBC driver is susceptible to SQL injection attack if the input parameters are not properly cleaned Severity: Important Vendor: The Apache Software Foundation Versions Affected: This vulnerability affects all versions of Hive JDBC driver from 0.7.1 Description: This

[SECURITY] CVE-2018-1315 'COPY FROM FTP' statement in HPL/SQL can write to arbitrary location if the FTP server is compromised

CVE-2018-1315: 'COPY FROM FTP' statement in HPL/SQL can write to arbitrary location if the FTP server is compromised Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Hive 2.1.0 to 2.3.2 Description: When 'COPY FROM FTP' statement is run using HPL/SQL extension to

[ANNOUNCE] Apache Hive 2.3.3 Released

The Apache Hive team is proud to announce the release of Apache Hive version 2.3.3. The Apache Hive (TM) data warehouse software facilitates querying and managing large datasets residing in distributed storage. Built on top of Apache Hadoop (TM), it provides, among others: * Tools to enable easy

Re: [ANNOUNCE] New Hive PMC Chair - Ashutosh Chauhan

Congratulations! On 9/16/15, 2:20 PM, "Szehon Ho" wrote: >Congrats to Ashutosh and thanks Carl for the years of service! > >On Wed, Sep 16, 2015 at 2:00 PM, Eugene Koifman >wrote: > >> Congrats! >> >> From: Pengcheng Xiong >>

Re: [ANNOUNCE] New Hive Committer - Thejas Nair

Congratulation! On Tue, Aug 20, 2013 at 4:56 PM, Shreepadma Venugopalan shreepa...@cloudera.com wrote: Congrats Tejas! On Tue, Aug 20, 2013 at 9:32 AM, Eugene Koifman ekoif...@hortonworks.com wrote: Congrats Thejas! On Tue, Aug 20, 2013 at 3:31 AM, Carl Steinbach c...@apache.org