CVE-2021-36749: Apache Druid: The HTTP inputSource allows authenticated users to read data from other sources than intended (incomplete fix of CVE-2021-26920)

Severity: low Description: In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid se

[ANNOUNCE] Apache Druid 0.22.0 release

The Apache Druid team is proud to announce the release of Apache Druid 0.22.0. Druid is a high performance analytics data store for event-driven data. Apache Druid 0.22.0 contains over 400 new features, performance enhancements, bug fixes, and documentation improvements from 73 contributors. Major

[ANNOUNCE] Apache Druid 0.21.1 release

The Apache Druid team is proud to announce the release of Apache Druid 0.21.1. Druid is a high performance analytics data store for event-driven data. Apache Druid 0.21.1 is a minor release to fix regressions introduced in 0.21.0. Source and binary distributions can be downloaded from: https://dru

[ANNOUNCE] Apache Druid 0.19.0 release

The Apache Druid team is proud to announce the release of Apache Druid 0.19.0. Druid is a high performance analytics data store for event-driven data. Apache Druid 0.19.0 contains around 200 new features, bug fixes, performance enhancements, documentation improvements, and additional test coverage

[ANNOUNCE] Apache Druid (incubating) 0.16.0 release

The Apache Druid team is proud to announce the release of Apache Druid (incubating) 0.16.0. Druid is a high performance analytics data store for event-driven data. Apache Druid 0.16.0-incubating contains over 350 new features, performance enhancements, bug fixes, and major documentation improvemen

[ANNOUNCE] Apache Druid (incubating) 0.15.1 release

Announcing Apache Druid 0.15.1-incubating, a small but important release that includes a collection of bug and documentation fixes. Apache Druid (incubating) is a high performance analytics data store for event-driven data. Source and binary distributions can be downloaded from: https://druid.apa

[ANNOUNCE] Apache Druid (incubating) 0.14.2 released

Announcing Apache Druid 0.14.2-incubating, a bug fix release that includes important fixes for the 'druid-datasketches' extension and query result caching. This is our 4th release as an Apache Incubating project. Apache Druid (incubating) is a high performance analytics data store for event-driven

[ANNOUNCE] Apache Druid (incubating) 0.14.1 release

Announcing Apache Druid 0.14.1-incubating, a small patch release that includes a handful of bug and documentation fixes. This is our 3rd release as an Apache Incubating project. Apache Druid (incubating) is a high performance analytics data store for event-driven data. Source and binary distribut