[ANNOUNCE] Apache Oozie 4.3.1 released

2018-02-14 Thread Gézapeti Cseh
Hello Oozie community, The Apache Oozie team is pleased to announce the release of Oozie 4.3.1. Oozie 4.3.1 includes bug fixes and minor improvements. The details of the release and download location can be found at http://oozie.apache.org Thanks to all developers, QA's, users, and committers fo

Oozie 5.1.0 release and plans for the year

2018-06-19 Thread Gézapeti Cseh
Hi everyone, Now, that Oozie-2339 is in (with other fixes as well), I think it would be nice to release it as part of Oozie 5.1.0 so more people will try it out before we jump in to do the coordinator/bunlde part as well. Also, we're planning to pick up on new action types with Andras and Peter a

[CVE-2018-11799] Apache Oozie security vulnerability

2018-12-19 Thread Gézapeti Cseh
CVE-2018-11799: Apache Oozie security vulnerability Severity: 8.7 (High) (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N) Vendor: The Apache Software Foundation Versions Affected: Oozie versions earlier than 5.1.0 Description: A malicious user can construct an XML that results workflows running

[ANNOUNCEMENT] Apache Oozie repository moving to gitbox

2018-12-27 Thread Gézapeti Cseh
Hi all, due to changes in the Apache infrastructure, the Oozie project will move to gitbox.apache.org. The move will happen soon and is tracked by INFRA-17506 . I'll send an other mail when the move is done with the new repository address. Websit

Re: [ANNOUNCEMENT] Apache Oozie repository moving to gitbox

2018-12-29 Thread Gézapeti Cseh
The migration is done, the Oozie repository has been moved. The new addresses can be found on the website: http://oozie.apache.org/source-repository.html Thanks gp On Thu, Dec 27, 2018 at 12:16 PM Gézapeti Cseh wrote: > Hi all, > > due to changes in the Apache infrastructure, the Oozi

Next Oozie release

2021-01-21 Thread Gézapeti Cseh
Hi Oozie team, I'd like to have a new Oozie release soon-ish. There are great improvements in the master which are waiting to go out. Are there any outstanding tickets you want to see in the next release and we should wait for? gp

CVE-2020-35451: Oozie local privilege escalation

2021-03-09 Thread Gézapeti Cseh
Description: There is a race condition in OozieSharelibCLI which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation. A race condition in OozieSharelibCLI allows an attacker to replace the contents of the sharelib. This issue affects Apache Oozie versions pr