[jira] [Updated] (SENTRY-2120) Escape input string for error response message in LogLevelServlet

2018-01-12 Thread JIRA
[ https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sergio Peña updated SENTRY-2120: Resolution: Fixed Fix Version/s: 2.1.0 Status: Resolved (was: Patch Available)

[jira] [Updated] (SENTRY-2120) Escape input string for error response message in LogLevelServlet

2018-01-12 Thread Na Li (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2120: -- Summary: Escape input string for error response message in LogLevelServlet (was: Potential cross-site

[jira] [Updated] (SENTRY-2120) Potential cross-site scripting in LogLevelServlet

2018-01-12 Thread Na Li (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Na Li updated SENTRY-2120: -- Description: LogLevelServlet.java has the following code {code} public void doGet(HttpServletRequest

[jira] [Commented] (SENTRY-2120) Potential cross-site scripting in LogLevelServlet

2018-01-12 Thread JIRA
[ https://issues.apache.org/jira/browse/SENTRY-2120?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324551#comment-16324551 ] Sergio Peña commented on SENTRY-2120: - [~lina.li] We couldn't verify the vulnerability of this issue.

[jira] [Commented] (SENTRY-2115) Sentry will be out of sync with HMS on disabling and enabling HDFS synchronization.

2018-01-12 Thread kalyan kumar kalvagadda (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-2115?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16324549#comment-16324549 ] kalyan kumar kalvagadda commented on SENTRY-2115: - I prefer option-1 listed above. I will

[jira] [Issue Comment Deleted] (SENTRY-1165) add clover plugin to maven to get code coverage report

2018-01-12 Thread Xinran Tinney (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-1165?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xinran Tinney updated SENTRY-1165: -- Comment: was deleted (was: review board link : [https://reviews.apache.org/r/64890/]) > add

[jira] [Updated] (SENTRY-1572) SentryMain() shouldn't dynamically load tool class

2018-01-12 Thread Xinran Tinney (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-1572?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xinran Tinney updated SENTRY-1572: -- Attachment: SENTRY-1572.005.patch > SentryMain() shouldn't dynamically load tool class >

[jira] [Updated] (SENTRY-1819) HMSFollower and friends do not belong in sentry.service.thrift

2018-01-12 Thread Xinran Tinney (JIRA)
[ https://issues.apache.org/jira/browse/SENTRY-1819?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xinran Tinney updated SENTRY-1819: -- Attachment: SENTRY-1819.005.patch > HMSFollower and friends do not belong in