-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73241/
-----------------------------------------------------------
Review request for ranger, Dineshkumar Yadav, Abhay Kulkarni, Madhan Neethiraj,
Mahesh Bandal, Mehul Parikh, and Velmurugan Periasamy.
Bugs: RANGER-3210
https://issues.apache.org/jira/browse/RANGER-3210
Repository: ranger
Description
-------
Upgrade Tomcat to 8.5.63 or later.
See CVE-2021-25329 Incomplete fix for CVE-2020-9484 (RCE via session
persistence)
Diffs
-----
pom.xml 0ba0d6fc0
Diff: https://reviews.apache.org/r/73241/diff/1/
Testing
-------
Ran : mvn clean compile test verify install - build was successful.
Kerberos env.
1. Performed basic CRUD operations with respect to policies, services and
security zones in SSL, HA and SSL-HA enviornments.
2. Verified various types of user lookup (internal and external) works in
policies, services and security zones in SSL, HA and SSL-HA enviornments.
3. As keyadmin user, performed basic CRUD operations with respect to policies,
services and security zones in SSL, HA and SSL-HA enviornments.
4. As keyadmin user,Verified various types of user lookup (internal and
external) works in policies, services and security zones in SSL, HA and SSL-HA
enviornments..
5. Performed basic enforcement scenarios for following components in SSL-HA
environment:
HBASE,HIVE,HIVE (masking),HIVE (Row filter),YARN,KNOX,KAFKA,ATLAS,TAG,KMS
6. Reports in new UI in SSL-HA environment.
Thanks,
Mateen Mansoori
