-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

CVE-2015-3254: Apache Sentry vulnerabilities due to use of vulnerable version
of Apache Thrift

Severity: Major

Vendor: The Apache Software Foundation

Versions Affected:

This vulnerability affects all versions of Apache Sentry prior to 1.7.1.

Description:

Apache Sentry prior to version 1.7.1 depended on a vulnerable version of
Apache Thrift (0.9.2). This version of Apache Thrift contains a vulnerability
that allows malicious users to cause a Denial of Service (DoS) attack.

Migration:

Apache Sentry users should upgrade to either the 1.7.1, 1.8.0, 2.0.0 or later
releases as soon as possible.
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJaT5uqAAoJEGe/gLEK1TmD8BkH/1hgcr/BcUbbFaXuiKLxZxJd
hq4i5+s36G447LDvJhlhKDdJdS6eozE0sGqfPNq+Brugod8Us0ZF/n7N9qF0tjg3
jJeK3o3OXjFzdYMJwfMs033O+siQDe4YqhF6hQ5xW4EGHiDzd9SCeNt/vdjU1l0d
WUWaLQFZM/cZJam1fv3IOnE17kjoxSZ/DVFe8UlJ7KwMWIyiGRL8+Yn2+4Zw1BLY
NhPOQhiKLiG7pcYc3wxc+Rnq304OSc4Uk02bKHKUg1PumFgtpApn69yJbF2EvT2E
Sq8n+kh9zbgrkR8F7k89wwVAyX/dpey051qdx8B0t9IGt2CJBsbyPBiYNbymn7Q=
=1SRM
-----END PGP SIGNATURE-----