Re: [DISCUSS] Mutli-tenancy (AIP-43 AIP-44) next steps discussion

Thanks to everyone who participated today. The meeting #3: Jan 19, 2022: Notes here: https://docs.google.com/document/d/1RglGoiaRdFilu5DjmoZWYVteClu09RA-aRWdfVL16tQ/edit# Recording here:https://drive.google.com/file/d/1SMFzazuY1kg4B4r11wNt8EQ_PmTDRKq6/view Action items (details in the links):

CVE-2021-45230: Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver

Description: This CVE applies to a specific case where a User who has "can_create" permissions on DAG Runs can create Dag Runs for dags that they don't have "edit" permissions for. This is a very low severity CVE and admins can mitigate this issue by removing the global "can_create" permissio

CVE-2021-45230: Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver

Hi, Airflow community, Please find below the information about a vulnerability that has been addressed in Apache Airflow v2.2.0+: *Description*: This CVE applies to a specific case where a User who has "can_create" permissions on DAG Runs can create Dag Runs for dags that they don't have "edit" p

Airflow Summit 2022 is here!

** * *** * Hello Apache Airflow community, We are glad to announce the 3rd edition of Airflow Summit will be held online from May 23rd - May 27th, 2022, and we invite you to join us. The event format will be online, adding local watch parties. It will have b

Re: [DISCUSS] Mutli-tenancy (AIP-43 AIP-44) next steps discussion

Hello, Kind reminder - we have the #3 meeting today at 8pm CET Proposed agenda: - Intro: Broad goals of the two upcoming AIPs - Jarek Potiuk - AIP-43 Walkthrough [1] - Mateusz Henc - AIP-44 Walkthrough [2] - Jarek Potiuk - Initial conversations: - Ping Zhang/Kevin Yang" Parsin