High severityNVD Advisory· Published Feb 24, 2023· Updated Mar 11, 2025

Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service

CVE-2023-25692

Description

Improper Input Validation vulnerability in the Apache Airflow Google Provider.

This issue affects Apache Airflow Google Provider versions before 8.10.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Improper input validation in Apache Airflow Google Provider before 8.10.0 allows attackers to specify arbitrary binary paths via cloud_sql_binary_path.

Vulnerability

Overview CVE-2023-25692 is an improper input validation vulnerability in the Apache Airflow Google Provider, affecting versions prior to 8.10.0 [2]. The flaw resides in the handling of the cloud_sql_binary_path setting within the connection configuration. The pull request that fixes the issue notes that specifying cloud_sql_binary_path in the connection should never be needed, implying that the parameter was meant for the Hook but was exposed without proper sanitization [3].

Exploitation

The attack surface is the Airflow connection configuration interface, where a user (or an attacker with access to create or modify connections) can set the cloud_sql_binary_path parameter. Because the input is not validated, an attacker could supply a path to an arbitrary executable, such as a malicious binary or a system tool. Exploitation requires the ability to define or alter a connection used by a Google Cloud SQL-related DAG or operator.

Impact

If successfully exploited, an attacker could execute arbitrary binaries on the Airflow worker node when the Cloud SQL hook or operator is executed. This could lead to full compromise of the Airflow environment, including data exfiltration, lateral movement, or disruption of workflows. The CVSS score is not provided, but the severity is considered high due to the potential for remote code execution.

Mitigation

The vulnerability is fixed in Apache Airflow Google Provider version 8.10.0 [2]. Users are strongly advised to upgrade to this version or later. The fix moves the cloud_sql_binary_path parameter from the connection to the Hook, where it is subject to stricter validation and scope control [3]. No public exploit is known at the time of publication.

References

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
apache-airflow-providers-googlePyPI	< 8.10.0	8.10.0

Affected products

Apache/Airflow providers-googlellm-fuzzy2 versions
<8.10.0+ 1 more
- (no CPE)range: <8.10.0
- (no CPE)range: 0
ghsa-coords
pkg:pypi/apache-airflow-providers-google
Range: < 8.10.0

Patches

470fdaea2756

Prepare docs for 02 2023 midmonth wave of Providers (#29589)

https://github.com/apache/airfloweladkalFeb 18, 2023via osv

commit

44 files changed · +320 −42

airflow/providers/amazon/CHANGELOG.rst+18 −0 modified

@@ -24,6 +24,24 @@
 Changelog
 ---------
 
+7.2.1
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``Explicitly handle exceptions raised by config parsing in AWS provider (#29587)``
+
+Misc
+~~~~
+
+* ``Fix docstring for EcsRunTaskOperator region_name -> region (#29562)``
+
+.. Below changes are excluded from the changelog. Move them to
+   appropriate section above if needed. Do not delete the lines(!):
+   * ``Restore trigger logging (#29482)``
+   * ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+
 7.2.0
 .....

airflow/providers/amazon/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     Amazon integration (including `Amazon Web Services (AWS) <https://aws.amazon.com/>`__).
 
 versions:
+  - 7.2.1
   - 7.2.0
   - 7.1.0
   - 7.0.0

airflow/providers/apache/beam/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+4.3.0
+.....
+
+Features
+~~~~~~~~
+
+* ``Get rid of state in Apache Beam provider hook (#29503)``
+
 4.2.0
 .....

airflow/providers/apache/beam/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `Apache Beam <https://beam.apache.org/>`__.
 
 versions:
+  - 4.3.0
   - 4.2.0
   - 4.1.1
   - 4.1.0

airflow/providers/apache/hive/CHANGELOG.rst+7 −0 modified

@@ -24,6 +24,13 @@
 Changelog
 ---------
 
+5.1.3
+.....
+
+Bug Fixes
+~~~~~~~~~
+* ``Validate Hive Beeline parameters (#29502)``
+
 5.1.2
 .....

airflow/providers/apache/hive/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
   `Apache Hive <https://hive.apache.org/>`__
 
 versions:
+  - 5.1.3
   - 5.1.2
   - 5.1.1
   - 5.1.0

airflow/providers/apache/sqoop/CHANGELOG.rst+7 −0 modified

@@ -24,6 +24,13 @@
 Changelog
 ---------
 
+3.1.1
+.....
+
+Bug Fixes
+~~~~~~~~~
+* ``Move libjars parameter in Sqoop Hook to Hook parameter (#29500)``
+
 3.1.0
 .....

airflow/providers/apache/sqoop/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
   `Apache Sqoop <https://sqoop.apache.org/>`__
 
 versions:
+  - 3.1.1
   - 3.1.0
   - 3.0.0
   - 2.1.3

airflow/providers/cncf/kubernetes/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+5.2.1
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``Fix @task.kubernetes to receive input and send output (#28942)``
+
 5.2.0
 .....

airflow/providers/cncf/kubernetes/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `Kubernetes <https://kubernetes.io/>`__
 
 versions:
+  - 5.2.1
   - 5.2.0
   - 5.1.1
   - 5.1.0

airflow/providers/docker/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+3.5.1
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``fix template_fields in the decorator 'task.docker' (#29586)``
+
 3.5.0
 .....

airflow/providers/docker/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `Docker <https://docs.docker.com/install/>`__
 
 versions:
+  - 3.5.1
   - 3.5.0
   - 3.4.0
   - 3.3.0

airflow/providers/google/CHANGELOG.rst+26 −0 modified

@@ -23,6 +23,32 @@
 Changelog
 ---------
 
+8.10.0
+......
+
+Features
+~~~~~~~~
+
+* ``Add defer mode to GKECreateClusterOperator and GKEDeleteClusterOperator (#28406)``
+
+Bug Fixes
+~~~~~~~~~
+* ``Move cloud_sql_binary_path from connection to Hook (#29499)``
+* ``Check that cloud sql provider version is valid (#29497)``
+* ``'GoogleDriveHook': Add folder_id param to upload_file (#29477)``
+
+Misc
+~~~~
+* ``Add documentation for BigQuery transfer operators (#29466)``
+
+.. Below changes are excluded from the changelog. Move them to
+   appropriate section above if needed. Do not delete the lines(!):
+   * ``Upgrade Mypy to 1.0 (#29468)``
+   * ``Restore trigger logging (#29482)``
+   * ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+   * ``Revert "Upgrade mypy to 0.991 (#28926)" (#29470)``
+   * ``Upgrade mypy to 0.991 (#28926)``
+
 8.9.0
 .....

airflow/providers/google/provider.yaml+1 −0 modified

@@ -29,6 +29,7 @@ description: |
       - `Google Workspace <https://workspace.google.com/>`__ (formerly Google Suite)
 
 versions:
+  - 8.10.0
   - 8.9.0
   - 8.8.0
   - 8.7.0

airflow/providers/http/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+4.2.0
+.....
+
+Features
+~~~~~~~~
+
+* ``Add HttpHookAsync for deferrable implementation (#29038)``
+
 4.1.1
 .....

airflow/providers/http/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `Hypertext Transfer Protocol (HTTP) <https://www.w3.org/Protocols/>`__
 
 versions:
+  - 4.2.0
   - 4.1.1
   - 4.1.0
   - 4.0.0

airflow/providers/microsoft/azure/CHANGELOG.rst+13 −0 modified

@@ -24,6 +24,19 @@
 Changelog
 ---------
 
+5.2.1
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``Handle deleting more than 256 blobs using 'WasbHook.delete_file()' (#29565)``
+
+.. Below changes are excluded from the changelog. Move them to
+   appropriate section above if needed. Do not delete the lines(!):
+   * ``Restore trigger logging (#29482)``
+   * ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+
 5.2.0
 .....

airflow/providers/microsoft/azure/provider.yaml+1 −0 modified

@@ -21,6 +21,7 @@ name: Microsoft Azure
 description: |
     `Microsoft Azure <https://azure.microsoft.com/>`__
 versions:
+  - 5.2.1
   - 5.2.0
   - 5.1.0
   - 5.0.2

airflow/providers/sftp/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+4.2.3
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``Fix sftp sensor with pattern (#29467)``
+
 4.2.2
 .....

airflow/providers/sftp/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `SSH File Transfer Protocol (SFTP) <https://tools.ietf.org/wg/secsh/draft-ietf-secsh-filexfer/>`__
 
 versions:
+  - 4.2.3
   - 4.2.2
   - 4.2.1
   - 4.2.0

airflow/providers/snowflake/CHANGELOG.rst+8 −0 modified

@@ -24,6 +24,14 @@
 Changelog
 ---------
 
+4.0.4
+.....
+
+Bug Fixes
+~~~~~~~~~
+
+* ``Fix missing parens for files parameter (#29437)``
+
 4.0.3
 .....

airflow/providers/snowflake/provider.yaml+1 −0 modified

@@ -22,6 +22,7 @@ description: |
     `Snowflake <https://www.snowflake.com/>`__
 
 versions:
+  - 4.0.4
   - 4.0.3
   - 4.0.2
   - 4.0.1

docs/apache-airflow-providers-amazon/commits.rst+16 −1 modified

@@ -28,14 +28,29 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+7.2.1
+.....
+
+Latest change: 2023-02-17
+
+=================================================================================================  ===========  ==================================================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ==================================================================================
+`46d45e09cb <https://github.com/apache/airflow/commit/46d45e09cb5607ae583929f3eba1923a64631f48>`_  2023-02-17   ``Explicitly handle exceptions raised by config parsing in AWS provider (#29587)``
+`cadab59e8d <https://github.com/apache/airflow/commit/cadab59e8df90588b07cf8d9ee3ce13f9a79f656>`_  2023-02-15   ``Fix docstring for EcsRunTaskOperator region_name -> region (#29562)``
+`f9e9d23457 <https://github.com/apache/airflow/commit/f9e9d23457cba5d3e18b5bdb7b65ecc63735b65b>`_  2023-02-11   ``Restore trigger logging (#29482)``
+`60d4bcd1d1 <https://github.com/apache/airflow/commit/60d4bcd1d101bb56955081d14e3e138a0c960c5f>`_  2023-02-10   ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+=================================================================================================  ===========  ==================================================================================
+
 7.2.0
 .....
 
-Latest change: 2023-02-03
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ======================================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ======================================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `1b18a501fe <https://github.com/apache/airflow/commit/1b18a501fe818079e535838fa4f232b03365fc75>`_  2023-02-03   ``Enable individual trigger logging (#27758)``
 `cb0c90bd66 <https://github.com/apache/airflow/commit/cb0c90bd661fbd1519df8125f09c12b1d8dd0db0>`_  2023-02-02   ``Decrypt SecureString value obtained by SsmHook (#29142)``
 `efc8857d55 <https://github.com/apache/airflow/commit/efc8857d55b96f1fdb6cf4fd767276f5c541e038>`_  2023-02-01   ``log the observed status in redshift sensor (#29274)``

docs/apache-airflow-providers-amazon/index.rst+3 −3 modified

@@ -72,7 +72,7 @@ Package apache-airflow-providers-amazon
 Amazon integration (including `Amazon Web Services (AWS) <https://aws.amazon.com/>`__).
 
 
-Release: 7.2.0
+Release: 7.2.1
 
 Provider package
 ----------------
@@ -139,7 +139,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-amazon 7.2.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.0.tar.gz.sha512>`__)
-* `The apache-airflow-providers-amazon 7.2.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.0-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-amazon 7.2.1 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.1.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.1.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-amazon-7.2.1.tar.gz.sha512>`__)
+* `The apache-airflow-providers-amazon 7.2.1 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.1-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.1-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_amazon-7.2.1-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/amazon/CHANGELOG.rst

docs/apache-airflow-providers-apache-beam/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+4.3.0
+.....
+
+Latest change: 2023-02-17
+
+=================================================================================================  ===========  ==========================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ==========================================================
+`7ba27e7881 <https://github.com/apache/airflow/commit/7ba27e78812b890f0c7642d78a986fe325ff61c4>`_  2023-02-17   ``Get rid of state in Apache Beam provider hook (#29503)``
+=================================================================================================  ===========  ==========================================================
+
 4.2.0
 .....
 
-Latest change: 2023-01-23
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  =================================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  =================================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `3374fdfcbd <https://github.com/apache/airflow/commit/3374fdfcbddb630b4fc70ceedd5aed673e6c0a0d>`_  2023-01-23   ``Deprecate 'delegate_to' param in GCP operators and update docs (#29088)``
 `8c4303e1ac <https://github.com/apache/airflow/commit/8c4303e1ace0774244b556a8d86a19058af2b16d>`_  2023-01-18   ``Add support for running a Beam Go pipeline with an executable binary (#28764)``
 =================================================================================================  ===========  =================================================================================

docs/apache-airflow-providers-apache-beam/index.rst+3 −3 modified

@@ -63,7 +63,7 @@ Package apache-airflow-providers-apache-beam
 `Apache Beam <https://beam.apache.org/>`__.
 
 
-Release: 4.2.0
+Release: 4.3.0
 
 Provider package
 ----------------
@@ -113,7 +113,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-apache-beam 4.2.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.2.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.2.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.2.0.tar.gz.sha512>`__)
-* `The apache-airflow-providers-apache-beam 4.2.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.2.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.2.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.2.0-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-apache-beam 4.3.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.3.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.3.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-beam-4.3.0.tar.gz.sha512>`__)
+* `The apache-airflow-providers-apache-beam 4.3.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.3.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.3.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_beam-4.3.0-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/apache/beam/CHANGELOG.rst

docs/apache-airflow-providers-apache-hive/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+5.1.3
+.....
+
+Latest change: 2023-02-15
+
+=================================================================================================  ===========  =============================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  =============================================
+`1cb127b9fd <https://github.com/apache/airflow/commit/1cb127b9fd22a7dc8e0b82cab8acb7cd4c317c9c>`_  2023-02-15   ``Validate Hive Beeline parameters (#29502)``
+=================================================================================================  ===========  =============================================
+
 5.1.2
 .....
 
-Latest change: 2023-01-18
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  =======================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  =======================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `23da4daaa0 <https://github.com/apache/airflow/commit/23da4daaa018e72b39b977afcde85deaf2224f1e>`_  2023-01-18   ``Revert "Remove conn.close() ignores (#29005)" (#29010)``
 `85f8df7b8a <https://github.com/apache/airflow/commit/85f8df7b8a18e1147c7e014a7af7fc4e66aaa8be>`_  2023-01-18   ``Remove conn.close() ignores (#29005)``
 `aa97474020 <https://github.com/apache/airflow/commit/aa97474020712d3f450ab169a5a054580e7b7d28>`_  2023-01-18   ``Fixed MyPy errors introduced by new mysql-connector-python (#28995)``

docs/apache-airflow-providers-apache-hive/index.rst+3 −3 modified

@@ -66,7 +66,7 @@ Package apache-airflow-providers-apache-hive
 `Apache Hive <https://hive.apache.org/>`__
 
 
-Release: 5.1.2
+Release: 5.1.3
 
 Provider package
 ----------------
@@ -127,7 +127,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-apache-hive 5.1.2 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.2.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.2.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.2.tar.gz.sha512>`__)
-* `The apache-airflow-providers-apache-hive 5.1.2 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.2-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.2-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.2-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-apache-hive 5.1.3 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.3.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.3.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-apache-hive-5.1.3.tar.gz.sha512>`__)
+* `The apache-airflow-providers-apache-hive 5.1.3 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.3-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.3-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_apache_hive-5.1.3-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/apache/hive/CHANGELOG.rst

docs/apache-airflow-providers-apache-sqoop/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+3.1.1
+.....
+
+Latest change: 2023-02-16
+
+=================================================================================================  ===========  ===================================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ===================================================================
+`655ffb835e <https://github.com/apache/airflow/commit/655ffb835eb4c5343c3f2b4d37b352248f2768ef>`_  2023-02-16   ``Move libjars parameter in Sqoop Hook to Hook parameter (#29500)``
+=================================================================================================  ===========  ===================================================================
+
 3.1.0
 .....
 
-Latest change: 2022-10-24
+Latest change: 2022-11-15
 
 =================================================================================================  ===========  ====================================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ====================================================================================
+`12c3c39d1a <https://github.com/apache/airflow/commit/12c3c39d1a816c99c626fe4c650e88cf7b1cc1bc>`_  2022-11-15   ``pRepare docs for November 2022 wave of Providers (#27613)``
 `78b8ea2f22 <https://github.com/apache/airflow/commit/78b8ea2f22239db3ef9976301234a66e50b47a94>`_  2022-10-24   ``Move min airflow version to 2.3.0 for all providers (#27196)``
 `2a34dc9e84 <https://github.com/apache/airflow/commit/2a34dc9e8470285b0ed2db71109ef4265e29688b>`_  2022-10-23   ``Enable string normalization in python formatting - providers (#27205)``
 `f8db64c35c <https://github.com/apache/airflow/commit/f8db64c35c8589840591021a48901577cff39c07>`_  2022-09-28   ``Update docs for September Provider's release (#26731)``

docs/apache-airflow-providers-apache-sqoop/index.rst+1 −1 modified

@@ -51,7 +51,7 @@ Package apache-airflow-providers-apache-sqoop
 `Apache Sqoop <https://sqoop.apache.org/>`__
 
 
-Release: 3.1.0
+Release: 3.1.1
 
 Provider package
 ----------------

docs/apache-airflow-providers-cncf-kubernetes/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+5.2.1
+.....
+
+Latest change: 2023-02-18
+
+=================================================================================================  ===========  ==================================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ==================================================================
+`9a5c3e0ac0 <https://github.com/apache/airflow/commit/9a5c3e0ac0b682d7f2c51727a56e06d68bc9f6be>`_  2023-02-18   ``Fix @task.kubernetes to receive input and send output (#28942)``
+=================================================================================================  ===========  ==================================================================
+
 5.2.0
 .....
 
-Latest change: 2023-02-01
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ==================================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ==================================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `d26dc22391 <https://github.com/apache/airflow/commit/d26dc223915c50ff58252a709bb7b33f5417dfce>`_  2023-02-01   ``Patch only single label when marking KPO checked (#29279)``
 `246d778e6b <https://github.com/apache/airflow/commit/246d778e6b8042850ef8510bd25c52b1198030f1>`_  2023-01-30   ``Add deferrable mode to ''KubernetesPodOperator'' (#29017)``
 `70b84b51a5 <https://github.com/apache/airflow/commit/70b84b51a5802b72dc7a8fb9bf8133699adcc79c>`_  2023-01-23   ``Allow setting the name for the base container within K8s Pod Operator (#28808)``

docs/apache-airflow-providers-cncf-kubernetes/index.rst+1 −1 modified

@@ -65,7 +65,7 @@ Package apache-airflow-providers-cncf-kubernetes
 `Kubernetes <https://kubernetes.io/>`__
 
 
-Release: 5.2.0
+Release: 5.2.1
 
 Provider package
 ----------------

docs/apache-airflow-providers-docker/commits.rst+16 −4 modified

@@ -28,20 +28,32 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+3.5.1
+.....
+
+Latest change: 2023-02-17
+
+=================================================================================================  ===========  ===============================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ===============================================================
+`7bd87e75de <https://github.com/apache/airflow/commit/7bd87e75def1855d8f5b91e9ab1ffbbf416709ec>`_  2023-02-17   ``fix template_fields in the decorator 'task.docker' (#29586)``
+=================================================================================================  ===========  ===============================================================
+
 3.5.0
 .....
 
-Latest change: 2023-01-18
+Latest change: 2023-01-23
 
-=================================================================================================  ===========  ==========================================================================
+=================================================================================================  ===========  =============================================================================
 Commit                                                                                             Committed    Subject
-=================================================================================================  ===========  ==========================================================================
+=================================================================================================  ===========  =============================================================================
+`dd6cef7889 <https://github.com/apache/airflow/commit/dd6cef7889884bd15d4caca8aae61f3b73c29b1e>`_  2023-01-23   ``Prepare ad hoc provider release for Docker, Cassandra, Papermill (#28999)``
 `3a7bfce601 <https://github.com/apache/airflow/commit/3a7bfce6017207218889b66976dbee1ed84292dc>`_  2023-01-18   ``Skip DockerOperator task when it returns a provided exit code (#28996)``
 `cd637c223f <https://github.com/apache/airflow/commit/cd637c223f93c4306743921e85777d2eff7ae54b>`_  2023-01-16   ``Fix label name for 'reauth' field in Docker Connection (#28974)``
 `911b708ffd <https://github.com/apache/airflow/commit/911b708ffddd4e7cb6aaeac84048291891eb0f1f>`_  2023-01-14   ``Prepare docs for Jan 2023 mid-month wave of Providers (#28929)``
 `af2c22a00a <https://github.com/apache/airflow/commit/af2c22a00afdd9302cbcda1de63fc1804b2cd2e5>`_  2023-01-03   ``Add correct widgets in Docker Hook (#28700)``
 `57a889de35 <https://github.com/apache/airflow/commit/57a889de357b269ae104b721e2a4bb78b929cea9>`_  2023-01-03   ``Make docker operators always use 'DockerHook' for API calls (#28363)``
-=================================================================================================  ===========  ==========================================================================
+=================================================================================================  ===========  =============================================================================
 
 3.4.0
 .....

docs/apache-airflow-providers-docker/index.rst+1 −1 modified

@@ -59,7 +59,7 @@ Package apache-airflow-providers-docker
 `Docker <https://docs.docker.com/install/>`__
 
 
-Release: 3.5.0
+Release: 3.5.1
 
 Provider package
 ----------------

docs/apache-airflow-providers-google/commits.rst+22 −1 modified

@@ -35,14 +35,35 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+8.10.0
+......
+
+Latest change: 2023-02-18
+
+=================================================================================================  ===========  ====================================================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ====================================================================================
+`f37772adfd <https://github.com/apache/airflow/commit/f37772adfdfdee8763147e0563897e4d5d5657c8>`_  2023-02-18   ``'GoogleDriveHook': Add folder_id param to upload_file (#29477)``
+`28126c12fb <https://github.com/apache/airflow/commit/28126c12fbdd2cac84e0fbcf2212154085aa5ed9>`_  2023-02-14   ``Add defer mode to GKECreateClusterOperator and GKEDeleteClusterOperator (#28406)``
+`32c571e592 <https://github.com/apache/airflow/commit/32c571e5926983903ac8b9017c36f14137a797a5>`_  2023-02-14   ``Move cloud_sql_binary_path from connection to Hook (#29499)``
+`41fade2d21 <https://github.com/apache/airflow/commit/41fade2d219c1841fafa439cc5dbb036f34ee32a>`_  2023-02-13   ``Upgrade Mypy to 1.0 (#29468)``
+`5e6f8eb4d5 <https://github.com/apache/airflow/commit/5e6f8eb4d5fdcaa713022ee46b1ca9bd2e3ab44e>`_  2023-02-13   ``Check that cloud sql provider version is valid (#29497)``
+`f9e9d23457 <https://github.com/apache/airflow/commit/f9e9d23457cba5d3e18b5bdb7b65ecc63735b65b>`_  2023-02-11   ``Restore trigger logging (#29482)``
+`7ee1a56244 <https://github.com/apache/airflow/commit/7ee1a5624497fc457af239e93e4c1af94972bbe6>`_  2023-02-11   ``Add documentation for BigQuery transfer operators (#29466)``
+`60d4bcd1d1 <https://github.com/apache/airflow/commit/60d4bcd1d101bb56955081d14e3e138a0c960c5f>`_  2023-02-10   ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+`6c1eeb5839 <https://github.com/apache/airflow/commit/6c1eeb58393173895944d5414793b38abdc7510d>`_  2023-02-11   ``Revert "Upgrade mypy to 0.991 (#28926)" (#29470)``
+`6ae0a80cba <https://github.com/apache/airflow/commit/6ae0a80cbaf1d33343b763c7f82612b4522afc40>`_  2023-02-11   ``Upgrade mypy to 0.991 (#28926)``
+=================================================================================================  ===========  ====================================================================================
+
 8.9.0
 .....
 
-Latest change: 2023-02-03
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ===================================================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ===================================================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `1b18a501fe <https://github.com/apache/airflow/commit/1b18a501fe818079e535838fa4f232b03365fc75>`_  2023-02-03   ``Enable individual trigger logging (#27758)``
 `872df121e2 <https://github.com/apache/airflow/commit/872df121e2ae24520eeb29fe606183a566e35dd8>`_  2023-02-03   ``Add deferrable capability to existing ''DataprocDeleteClusterOperator'' (#29349)``
 `094d6bf01b <https://github.com/apache/airflow/commit/094d6bf01b9d8b1a5d358dc10fd561cf3a04c51b>`_  2023-01-30   ``Add deferrable mode to dataflow operators (#27776)``

docs/apache-airflow-providers-google/index.rst+3 −3 modified

@@ -76,7 +76,7 @@ Google services including:
   - `Google Workspace <https://workspace.google.com/>`__ (formerly Google Suite)
 
 
-Release: 8.9.0
+Release: 8.10.0
 
 Provider package
 ----------------
@@ -193,7 +193,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-google 8.9.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.9.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.9.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.9.0.tar.gz.sha512>`__)
-* `The apache-airflow-providers-google 8.9.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.9.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.9.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.9.0-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-google 8.10.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.10.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.10.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-google-8.10.0.tar.gz.sha512>`__)
+* `The apache-airflow-providers-google 8.10.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.10.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.10.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_google-8.10.0-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/google/CHANGELOG.rst

docs/apache-airflow-providers-http/commits.rst+16 −4 modified

@@ -28,16 +28,28 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+4.2.0
+.....
+
+Latest change: 2023-02-14
+
+=================================================================================================  ===========  ============================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ============================================================
+`47edfe9a22 <https://github.com/apache/airflow/commit/47edfe9a22d1c521e49de3bed87bc332a48c0a80>`_  2023-02-14   ``Add HttpHookAsync for deferrable implementation (#29038)``
+=================================================================================================  ===========  ============================================================
+
 4.1.1
 .....
 
-Latest change: 2023-01-13
+Latest change: 2023-01-14
 
-=================================================================================================  ===========  =================================================
+=================================================================================================  ===========  ==================================================================
 Commit                                                                                             Committed    Subject
-=================================================================================================  ===========  =================================================
+=================================================================================================  ===========  ==================================================================
+`911b708ffd <https://github.com/apache/airflow/commit/911b708ffddd4e7cb6aaeac84048291891eb0f1f>`_  2023-01-14   ``Prepare docs for Jan 2023 mid-month wave of Providers (#28929)``
 `a9d5471c66 <https://github.com/apache/airflow/commit/a9d5471c66c788d8469ca65556e5820f1e96afc1>`_  2023-01-13   ``Change logging for HttpHook to debug (#28911)``
-=================================================================================================  ===========  =================================================
+=================================================================================================  ===========  ==================================================================
 
 4.1.0
 .....

docs/apache-airflow-providers-http/index.rst+3 −1 modified

@@ -65,7 +65,7 @@ Package apache-airflow-providers-http
 `Hypertext Transfer Protocol (HTTP) <https://www.w3.org/Protocols/>`__
 
 
-Release: 4.1.1
+Release: 4.2.0
 
 Provider package
 ----------------
@@ -88,6 +88,8 @@ PIP package            Version required
 =====================  ==================
 ``requests``           ``>=2.26.0``
 ``requests_toolbelt``
+``aiohttp``
+``asgiref``
 =====================  ==================
 
 .. include:: ../../airflow/providers/http/CHANGELOG.rst

docs/apache-airflow-providers-microsoft-azure/commits.rst+15 −1 modified

@@ -28,14 +28,28 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+5.2.1
+.....
+
+Latest change: 2023-02-16
+
+=================================================================================================  ===========  ===============================================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ===============================================================================
+`ce28775397 <https://github.com/apache/airflow/commit/ce28775397627a750514c904577703ecaa331d2b>`_  2023-02-16   ``Handle deleting more than 256 blobs using 'WasbHook.delete_file()' (#29565)``
+`f9e9d23457 <https://github.com/apache/airflow/commit/f9e9d23457cba5d3e18b5bdb7b65ecc63735b65b>`_  2023-02-11   ``Restore trigger logging (#29482)``
+`60d4bcd1d1 <https://github.com/apache/airflow/commit/60d4bcd1d101bb56955081d14e3e138a0c960c5f>`_  2023-02-10   ``Revert "Enable individual trigger logging (#27758)" (#29472)``
+=================================================================================================  ===========  ===============================================================================
+
 5.2.0
 .....
 
-Latest change: 2023-02-03
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ===========================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ===========================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `1b18a501fe <https://github.com/apache/airflow/commit/1b18a501fe818079e535838fa4f232b03365fc75>`_  2023-02-03   ``Enable individual trigger logging (#27758)``
 `3374fdfcbd <https://github.com/apache/airflow/commit/3374fdfcbddb630b4fc70ceedd5aed673e6c0a0d>`_  2023-01-23   ``Deprecate 'delegate_to' param in GCP operators and update docs (#29088)``
 `6c50a691a8 <https://github.com/apache/airflow/commit/6c50a691a813a306133228740fedbb4c59a0e56c>`_  2023-01-19   ``Fix params rendering in AzureSynapseHook Python API docs (#29041)``

docs/apache-airflow-providers-microsoft-azure/index.rst+3 −3 modified

@@ -67,7 +67,7 @@ Package apache-airflow-providers-microsoft-azure
 `Microsoft Azure <https://azure.microsoft.com/>`__
 
 
-Release: 5.2.0
+Release: 5.2.1
 
 Provider package
 ----------------
@@ -135,7 +135,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-microsoft-azure 5.2.0 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.0.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.0.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.0.tar.gz.sha512>`__)
-* `The apache-airflow-providers-microsoft-azure 5.2.0 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.0-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.0-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.0-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-microsoft-azure 5.2.1 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.1.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.1.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-microsoft-azure-5.2.1.tar.gz.sha512>`__)
+* `The apache-airflow-providers-microsoft-azure 5.2.1 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.1-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.1-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_microsoft_azure-5.2.1-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/microsoft/azure/CHANGELOG.rst

docs/apache-airflow-providers-sftp/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+4.2.3
+.....
+
+Latest change: 2023-02-13
+
+=================================================================================================  ===========  =========================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  =========================================
+`8e24387d6d <https://github.com/apache/airflow/commit/8e24387d6db177c662342245bb183bfd73fb9ee8>`_  2023-02-13   ``Fix sftp sensor with pattern (#29467)``
+=================================================================================================  ===========  =========================================
+
 4.2.2
 .....
 
-Latest change: 2023-01-21
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ===========================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ===========================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `2b7071c600 <https://github.com/apache/airflow/commit/2b7071c60022b3c483406839d3c0ef734db5daad>`_  2023-01-21   ``FTP operator has logic in __init__ (#29073)``
 `bac7b3027d <https://github.com/apache/airflow/commit/bac7b3027d57d2a31acb9a2d078c6af4dc777162>`_  2023-01-20   ``Fix SFTP operator's template fields processing (#29068)``
 =================================================================================================  ===========  ===========================================================

docs/apache-airflow-providers-sftp/index.rst+3 −3 modified

@@ -52,7 +52,7 @@ Package apache-airflow-providers-sftp
 `SSH File Transfer Protocol (SFTP) <https://tools.ietf.org/wg/secsh/draft-ietf-secsh-filexfer/>`__
 
 
-Release: 4.2.2
+Release: 4.2.3
 
 Provider package
 ----------------
@@ -102,7 +102,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-sftp 4.2.2 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.2.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.2.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.2.tar.gz.sha512>`__)
-* `The apache-airflow-providers-sftp 4.2.2 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.2-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.2-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.2-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-sftp 4.2.3 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.3.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.3.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-sftp-4.2.3.tar.gz.sha512>`__)
+* `The apache-airflow-providers-sftp 4.2.3 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.3-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.3-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_sftp-4.2.3-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/sftp/CHANGELOG.rst

docs/apache-airflow-providers-snowflake/commits.rst+13 −1 modified

@@ -28,14 +28,26 @@ For high-level changelog, see :doc:`package information including changelog <ind
 
 
 
+4.0.4
+.....
+
+Latest change: 2023-02-10
+
+=================================================================================================  ===========  ===================================================
+Commit                                                                                             Committed    Subject
+=================================================================================================  ===========  ===================================================
+`0fd4fc7f35 <https://github.com/apache/airflow/commit/0fd4fc7f35f0e12bef2c9615acf9651e9f2cec72>`_  2023-02-10   ``Fix missing parens for files parameter (#29437)``
+=================================================================================================  ===========  ===================================================
+
 4.0.3
 .....
 
-Latest change: 2023-01-29
+Latest change: 2023-02-08
 
 =================================================================================================  ===========  ====================================================================
 Commit                                                                                             Committed    Subject
 =================================================================================================  ===========  ====================================================================
+`ce6ae2457e <https://github.com/apache/airflow/commit/ce6ae2457ef3d9f44f0086b58026909170bbf22a>`_  2023-02-08   ``Prepare docs for Feb 2023 wave of Providers (#29379)``
 `9b073119d4 <https://github.com/apache/airflow/commit/9b073119d401594b3575c6f7dc4a14520d8ed1d3>`_  2023-01-29   ``provide missing connection to the parent class operator (#29211)``
 `eff677c418 <https://github.com/apache/airflow/commit/eff677c418f09690f7e89302368dbff54e7fce75>`_  2023-01-28   ``Snowflake Provider - hide host from UI (#29208)``
 =================================================================================================  ===========  ====================================================================

docs/apache-airflow-providers-snowflake/index.rst+3 −3 modified

@@ -65,7 +65,7 @@ Package apache-airflow-providers-snowflake
 `Snowflake <https://www.snowflake.com/>`__
 
 
-Release: 4.0.3
+Release: 4.0.4
 
 Provider package
 ----------------
@@ -118,7 +118,7 @@ Downloading official packages
 You can download officially released packages and verify their checksums and signatures from the
 `Official Apache Download site <https://downloads.apache.org/airflow/providers/>`_
 
-* `The apache-airflow-providers-snowflake 4.0.3 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.3.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.3.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.3.tar.gz.sha512>`__)
-* `The apache-airflow-providers-snowflake 4.0.3 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.3-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.3-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.3-py3-none-any.whl.sha512>`__)
+* `The apache-airflow-providers-snowflake 4.0.4 sdist package <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.4.tar.gz>`_ (`asc <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.4.tar.gz.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache-airflow-providers-snowflake-4.0.4.tar.gz.sha512>`__)
+* `The apache-airflow-providers-snowflake 4.0.4 wheel package <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.4-py3-none-any.whl>`_ (`asc <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.4-py3-none-any.whl.asc>`__, `sha512 <https://downloads.apache.org/airflow/providers/apache_airflow_providers_snowflake-4.0.4-py3-none-any.whl.sha512>`__)
 
 .. include:: ../../airflow/providers/snowflake/CHANGELOG.rst

32c571e59269

Move cloud_sql_binary_path from connection to Hook (#29499)

https://github.com/apache/airflowJarek PotiukFeb 13, 2023via ghsa-ref

commit PR #29499

3 files changed · +14 −6

airflow/providers/google/cloud/example_dags/example_cloud_sql_query.py+5 −3 modified

@@ -205,8 +205,7 @@ def get_absolute_path(path):
     "location={location}&"
     "instance={instance}&"
     "use_proxy=True&"
-    "sql_proxy_binary_path={sql_proxy_binary_path}&"
-    "sql_proxy_use_tcp=False".format(sql_proxy_binary_path=quote_plus(sql_proxy_binary_path), **mysql_kwargs)
+    "sql_proxy_use_tcp=False".format(**mysql_kwargs)
 )
 
 # MySQL: connect directly via TCP (non-SSL)
@@ -279,7 +278,10 @@ def get_absolute_path(path):
 
     for connection_name in connection_names:
         task = CloudSQLExecuteQueryOperator(
-            gcp_cloudsql_conn_id=connection_name, task_id="example_gcp_sql_task_" + connection_name, sql=SQL
+            gcp_cloudsql_conn_id=connection_name,
+            task_id="example_gcp_sql_task_" + connection_name,
+            sql=SQL,
+            sql_proxy_binary_path=sql_proxy_binary_path,
         )
         tasks.append(task)
         if prev_task:

airflow/providers/google/cloud/hooks/cloud_sql.py+4 −3 modified

@@ -668,6 +668,8 @@ class CloudSQLDatabaseHook(BaseHook):
     * **public_ip** - IP to connect to for public connection (from host of the URI).
     * **public_port** - Port to connect to for public connection (from port of the URI).
     * **database** - Database to connect to (from schema of the URI).
+    * **sql_proxy_binary_path** - Optional path to Cloud SQL Proxy binary. If the binary
+      is not specified or the binary is not present, it is automatically downloaded.
 
     Remaining parameters are retrieved from the extras (URI query parameters):
 
@@ -682,8 +684,6 @@ class CloudSQLDatabaseHook(BaseHook):
       You cannot use proxy and SSL together.
     * **sql_proxy_use_tcp** - (default False) If set to true, TCP is used to connect via
       proxy, otherwise UNIX sockets are used.
-    * **sql_proxy_binary_path** - Optional path to Cloud SQL Proxy binary. If the binary
-      is not specified or the binary is not present, it is automatically downloaded.
     * **sql_proxy_version** -  Specific version of the proxy to download (for example
       v1.13). If not specified, the latest version is downloaded.
     * **sslcert** - Path to client certificate to authenticate when SSL is used.
@@ -707,6 +707,7 @@ def __init__(
         gcp_cloudsql_conn_id: str = "google_cloud_sql_default",
         gcp_conn_id: str = "google_cloud_default",
         default_gcp_project_id: str | None = None,
+        sql_proxy_binary_path: str | None = None,
     ) -> None:
         super().__init__()
         self.gcp_conn_id = gcp_conn_id
@@ -722,7 +723,7 @@ def __init__(
         self.use_ssl = self._get_bool(self.extras.get("use_ssl", "False"))
         self.sql_proxy_use_tcp = self._get_bool(self.extras.get("sql_proxy_use_tcp", "False"))
         self.sql_proxy_version = self.extras.get("sql_proxy_version")
-        self.sql_proxy_binary_path = self.extras.get("sql_proxy_binary_path")
+        self.sql_proxy_binary_path = sql_proxy_binary_path
         self.user = self.cloudsql_connection.login
         self.password = self.cloudsql_connection.password
         self.public_ip = self.cloudsql_connection.host

airflow/providers/google/cloud/operators/cloud_sql.py+5 −0 modified

@@ -1045,6 +1045,8 @@ class CloudSQLExecuteQueryOperator(BaseOperator):
        its schema should be gcpcloudsql://.
        See :class:`~airflow.providers.google.cloud.hooks.cloud_sql.CloudSQLDatabaseHook` for
        details on how to define ``gcpcloudsql://`` connection.
+    :param sql_proxy_binary_path: (optional) Path to the cloud-sql-proxy binary.
+          is not specified or the binary is not present, it is automatically downloaded.
     """
 
     # [START gcp_sql_query_template_fields]
@@ -1062,6 +1064,7 @@ def __init__(
         parameters: Iterable | Mapping | None = None,
         gcp_conn_id: str = "google_cloud_default",
         gcp_cloudsql_conn_id: str = "google_cloud_sql_default",
+        sql_proxy_binary_path: str | None = None,
         **kwargs,
     ) -> None:
         super().__init__(**kwargs)
@@ -1071,6 +1074,7 @@ def __init__(
         self.autocommit = autocommit
         self.parameters = parameters
         self.gcp_connection: Connection | None = None
+        self.sql_proxy_binary_path = sql_proxy_binary_path
 
     def _execute_query(self, hook: CloudSQLDatabaseHook, database_hook: PostgresHook | MySqlHook) -> None:
         cloud_sql_proxy_runner = None
@@ -1094,6 +1098,7 @@ def execute(self, context: Context):
             gcp_cloudsql_conn_id=self.gcp_cloudsql_conn_id,
             gcp_conn_id=self.gcp_conn_id,
             default_gcp_project_id=get_field(self.gcp_connection.extra_dejson, "project"),
+            sql_proxy_binary_path=self.sql_proxy_binary_path,
         )
         hook.validate_ssl_certs()
         connection = hook.create_connection()

Vulnerability mechanics

Root cause

"Improper input validation: the `sql_proxy_binary_path` parameter was read from user-controlled connection extras without sanitization, allowing an attacker to specify an arbitrary binary path."

Attack vector

An attacker who can create or modify an Airflow connection of type `gcpcloudsql://` can inject an arbitrary `sql_proxy_binary_path` value via the connection's extras (URI query parameters). When the `CloudSQLDatabaseHook` or `CloudSQLExecuteQueryOperator` processes that connection, it reads the unsanitized path from the extras and uses it to locate the Cloud SQL Proxy binary. This allows an attacker to point the binary path to an attacker-controlled executable, leading to arbitrary code execution on the Airflow worker. No authentication is required beyond the ability to define or influence a Cloud SQL connection.

Affected code

The vulnerability resides in the `CloudSQLDatabaseHook` class in `airflow/providers/google/cloud/hooks/cloud_sql.py` and the `CloudSQLExecuteQueryOperator` class in `airflow/providers/google/cloud/operators/cloud_sql.py`. The `sql_proxy_binary_path` parameter was previously read from connection extras (user-supplied connection URI) rather than being passed explicitly as a hook/operator parameter [patch_id=1641028].

What the fix does

The patch moves `sql_proxy_binary_path` from being read from connection extras (`self.extras.get("sql_proxy_binary_path")`) to being an explicit constructor parameter of both `CloudSQLDatabaseHook` and `CloudSQLExecuteQueryOperator` [patch_id=1641028]. The hook's `__init__` now accepts `sql_proxy_binary_path: str | None = None` and stores that value directly, while the operator passes its own `sql_proxy_binary_path` argument through to the hook. The example DAG is updated to pass the binary path as an operator argument rather than embedding it in the connection URI. This closes the injection vector because an attacker can no longer supply the binary path through connection metadata; it must be explicitly provided in the DAG code.

Preconditions

authAttacker must be able to create or modify a gcpcloudsql:// Airflow connection with a malicious sql_proxy_binary_path in the extras.
configA DAG using CloudSQLExecuteQueryOperator or CloudSQLDatabaseHook must process the attacker-controlled connection.

Generated on May 23, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/apache/airflow/pull/29499ghsapatchWEB
github.com/advisories/GHSA-h8p2-8g72-qpghghsaADVISORY
lists.apache.org/thread/ks4l78l5rwdpmvfn7y7yhs179nyxtlshghsavendor-advisoryWEB
nvd.nist.gov/vuln/detail/CVE-2023-25692ghsaADVISORY

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.002
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000