CVE update - fixed in Apache Ranger 0.7.1

Hello:

Please find below details on CVEs fixed in Ranger 0.7.1 release. Release =
details can be found at =
https://cwiki.apache.org/confluence/display/RANGER/0.7.1+Release+-+Apache+=
Ranger=20

=
--------------------------------------------------------------------------=
--------------------------------------------------------------------------=
-------------------------------------------------------------
CVE-2017-7676: Apache Ranger policy evaluation ignores characters after =
=E2=80=98*=E2=80=99 wildcard character
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: 0.5.x/0.6.x/0.7.0 versions of Apache Ranger
Users affected: Environments that use Ranger policies with characters =
after =E2=80=98*=E2=80=99 wildcard character =E2=80=93 like my*test, =
test*.txt
Description: Policy resource matcher ignores characters after =E2=80=98*=E2=
=80=99 wildcard character, which can result in unintended behavior.
Fix detail: Ranger policy resource matcher was updated to correctly =
handle wildcard matches.
Mitigation: Users should upgrade to 0.7.1 or later version of Apache =
Ranger with the fix.
=
--------------------------------------------------------------------------=
--------------------------------------------------------------------------=
-------------------------------------------------------------
CVE-2017-7677: Apache Ranger Hive Authorizer should check for RWX =
permission when external location is specified
Severity: Critical
Vendor: The Apache Software Foundation
Versions Affected: 0.5.x/0.6.x/0.7.0 versions of Apache Ranger
Users affected: Environments that use external location for hive tables=20=

Description: In environments that use external location for hive tables, =
Apache Ranger Hive Authorizer should check for RWX permission for the =
external location specified for create table.
Fix detail: Ranger Hive Authorizer was updated to correctly handle =
permission check with external location.
Mitigation: Users should upgrade to 0.7.1 or later version of Apache =
Ranger with the fix.
=
--------------------------------------------------------------------------=
--------------------------------------------------------------------------=
-------------------------------------------------------------

Thank you,
Velmurugan Periasamy=