ALL COVERED TOPICS

NoSQL Benchmarks NoSQL use cases NoSQL Videos NoSQL Hybrid Solutions NoSQL Presentations Big Data Hadoop MapReduce Pig Hive Flume Oozie Sqoop HDFS ZooKeeper Cascading Cascalog BigTable Cassandra HBase Hypertable Couchbase CouchDB MongoDB OrientDB RavenDB Jackrabbit Terrastore Amazon DynamoDB Redis Riak Project Voldemort Tokyo Cabinet Kyoto Cabinet memcached Amazon SimpleDB Datomic MemcacheDB M/DB GT.M Amazon Dynamo Dynomite Mnesia Yahoo! PNUTS/Sherpa Neo4j InfoGrid Sones GraphDB InfiniteGraph AllegroGraph MarkLogic Clustrix CouchDB Case Studies MongoDB Case Studies NoSQL at Adobe NoSQL at Facebook NoSQL at Twitter

NAVIGATE MAIN CATEGORIES

Close
Tuesday, 17 August 2010
‹ Back

CouchDB: Release 1.0.1, Fixes Both Data Loss Bug and Security Vulnerability

About:
,
,

The much expected new CouchDB release, 1.0.1, is not only fixing the critical data loss bug discovered in CouchDB 1.0, but also a cross site request forgery vulnerability[1]:

  • Fix data corruption bug COUCHDB-844. Please see the release notice for details.
  • Added support for replication via an HTTP/HTTP proxy.
  • Fixed various replicator bugs for interop with older CouchDB versions.
  • Show fields saved along with _deleted=true. Allows for auditing of deletes.
  • Enable basic-auth popup when required to access the server, to prevent people from getting locked out.
  • User interface element for querying stale (cached) views.
  • Fixed CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack

Good time to relax again ;-).

  1. The vulnerability is described ☞ here.  ()

CouchDB: Release 1.0.1, Fixes Both Data Loss Bug and Security Vulnerability originally posted on the NoSQL blog: myNoSQL