CVE-2022-23942: Apache Doris hardcoded cryptography initialization

2022-04-26 Thread 陈明雨
Severity: moderate

Description: Doris uses a hardcoded key and IV to initialize the cipher used for the LDAP password, which may lead to information disclosure.

Mitigation: Upgrading to 1.0.0[1] or higher will resolve this problem.

Credit: We would like to

Re: [Discuess][DSIP] Using global dict to accelerate query that have low cardinality string

2022-04-26 Thread Gabriel Lee
Got it, thanks! Look forward to this new feature!

Best,
Gabriel

On Tue, 26 Apr 2022 at 17:13, GuoLei Yi wrote:
> @ Gabriel Lee
>
> > 1. I think we cannot trust users completely, so we should add a protection
> > mechanism for global dictionary. For example, fallback to raw string
> > proces

Re: [Discuess][DSIP] Using global dict to accelerate query that have low cardinality string

2022-04-26 Thread GuoLei Yi
@ Gabriel Lee

> 1. I think we cannot trust users completely, so we should add a protection
> mechanism for global dictionary. For example, fallback to raw string
> processing when entries in dictionary are too many.

Yes, you are right, we cannot trust users completely. If there are too many str