CVE-2018-11777: Blocking local resource access in HiveServer2
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions of Hive,
including 2.3.3, 3.1.0 and earlier
Description: Local resources on HiveServer2 machines are not properly
CVE-2018-1314: Hive explain query not being authorized
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions of Hive,
including 2.3.3, 3.1.0 and earlier
Description: Hive "EXPLAIN" operation does not check for necessary
The Apache Hive team is proud to announce the release of Apache Hive
version 2.3.4.
The Apache Hive (TM) data warehouse software facilitates querying and
managing large datasets residing in distributed storage. Built on top
of Apache Hadoop (TM), it provides, among others:
* Tools to enable easy
The Apache Hive team is proud to announce the release of Apache Hive
version 3.1.1.
The Apache Hive (TM) data warehouse software facilitates querying and
managing large datasets residing in distributed storage. Built on top
of Apache Hadoop (TM), it provides, among others:
* Tools to enable easy
Yes, I cleared fixed version from the Jiras. It should be fixed.
Thanks,
Daniel
From: Oleksiy S
Reply-To: "user@hive.apache.org"
Date: Friday, October 5, 2018 at 5:02 AM
To: "d...@hive.apache.org" , "user@hive.apache.org"
Subject: Re: Incorrect Release Notes for Hive-2.3.3
Guys any updates?
CVE-2018-1284: Hive UDF series UDFXPath allow users to pass
carefully crafted XML to access arbitrary files
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions from 0.6.0
Description: Malicious user might use any xpath UDFs
CVE-2018-1282: JDBC driver is susceptible to SQL injection attack if
the input parameters are not properly cleaned
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: This vulnerability affects all versions of Hive
JDBC driver from 0.7.1
Description: This
CVE-2018-1315: 'COPY FROM FTP' statement in HPL/SQL can write to
arbitrary location if the FTP server is compromised
Severity: Moderate
Vendor: The Apache Software Foundation
Versions Affected: Hive 2.1.0 to 2.3.2
Description: When 'COPY FROM FTP' statement is run using HPL/SQL extension to
The Apache Hive team is proud to announce the release of Apache Hive
version 2.3.3.
The Apache Hive (TM) data warehouse software facilitates querying and
managing large datasets residing in distributed storage. Built on top
of Apache Hadoop (TM), it provides, among others:
* Tools to enable easy
Congratulations!
On 9/16/15, 2:20 PM, "Szehon Ho" wrote:
>Congrats to Ashutosh and thanks Carl for the years of service!
>
>On Wed, Sep 16, 2015 at 2:00 PM, Eugene Koifman
>wrote:
>
>> Congrats!
>>
>> From: Pengcheng Xiong
>>
Congratulation!
On Tue, Aug 20, 2013 at 4:56 PM, Shreepadma Venugopalan
shreepa...@cloudera.com wrote:
Congrats Tejas!
On Tue, Aug 20, 2013 at 9:32 AM, Eugene Koifman ekoif...@hortonworks.com
wrote:
Congrats Thejas!
On Tue, Aug 20, 2013 at 3:31 AM, Carl Steinbach c...@apache.org
11 matches
Mail list logo