The Mid Week News - 11/04/2018 edit  

It was half term holiday week last week (sorry - forgot to say) which meant no news, but we’re back this week…

Technology updates (details are on the relevant technology pages):

Other technology news:

  • Amazon have announced a new cheaper One Zone-IA Storage Class for S3 that doesn’t support geo redundancy, and the general availability of S3 select - summary; One Zone-IA; S3 Select; TheRegister view
  • From Hortonworks, a view on the performance of Hive over local disk vs S3 cloud storage - link
  • Hardly surprise, but from Datanami - Excel remains the go to Data Prep tool - link
  • An update on Oracle’s new “automated” database / data warehouse strategy - link
  • Microsoft have announced a public preview of soft deletes for Azure Storage Blobs - link
  • MapR are now also talking about “Streams of Record” with MapR-ES - link
  • We have a bunch of security announcements this week:
    • CVE-2018-1308 - XXE attack through Apache Solr’s DIH’s dataConfig request parameter
    • CVE-2018-1284 - Hive UDF series UDFXPathXXXX allow users to pass carefully crafted XML to access local files
    • CVE-2018-1315 - Hive ‘COPY FROM FTP’ statement in HPL/SQL can write to arbitrary location if the FTP server is compromised
    • CVE-2018-1282 - Hive JDBC driver is susceptible to SQL injection attack if the input parameters are not properly cleaned