Version 2.1.1 (Includes security fix)

Tarrasch released this 06 Apr 07:35

· 1069 commits to master since this release

Last release was only 2 business days ago (as opposed to the 5 months since the one before it). But this release got rushed as of a security fix!

In addition to doc fixes:

Additions

List and Tupleparameters are now added
More Bigquery Options
The hive-cmd can now contain spaces.

Security bugfix

The server now have an explicit whitelist of external commands.
- Previous potential harm: Malicious hackers can run arbitrary code if they have file system (even external mounts!)+network access on the machine running luigid (executed by the user that you run luigid with).

We wait for a while with saying how to use this exploit, giving time to people to apply the bugfix.

Assets 2