[
https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergio Peña updated SENTRY-2120:
Resolution: Fixed
Fix Version/s: 2.1.0
Status: Resolved (was: Patch Available)
[
https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Na Li updated SENTRY-2120:
--
Summary: Escape input string for error response message in LogLevelServlet
(was: Potential cross-site
[
https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Na Li updated SENTRY-2120:
--
Description:
LogLevelServlet.java has the following code
{code}
public void doGet(HttpServletRequest
[
https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324551#comment-16324551
]
Sergio Peña commented on SENTRY-2120:
-
[~lina.li] We couldn't verify the vulnerability of this issue.
[
https://issues.apache.org/jira/browse/SENTRY-2115?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324549#comment-16324549
]
kalyan kumar kalvagadda commented on SENTRY-2115:
-
I prefer option-1 listed above. I will
[
https://issues.apache.org/jira/browse/SENTRY-1165?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xinran Tinney updated SENTRY-1165:
--
Comment: was deleted
(was: review board link : [https://reviews.apache.org/r/64890/])
> add
[
https://issues.apache.org/jira/browse/SENTRY-1572?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xinran Tinney updated SENTRY-1572:
--
Attachment: SENTRY-1572.005.patch
> SentryMain() shouldn't dynamically load tool class
>
[
https://issues.apache.org/jira/browse/SENTRY-1819?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xinran Tinney updated SENTRY-1819:
--
Attachment: SENTRY-1819.005.patch
> HMSFollower and friends do not belong in