oss-sec mailing list archives

CVE-2020-35451: Oozie local privilege escalation


From: Gézapeti Cseh <gezapeti () apache org>
Date: Tue, 9 Mar 2021 16:02:23 +0100

Description:

There is a race condition in OozieSharelibCLI which allows a malicious
attacker to replace the files in Oozie's sharelib during its
creation.

A race condition in OozieSharelibCLI allows an attacker to replace the
contents of the sharelib.  This issue affects Apache Oozie versions
prior to 5.2.1.

Mitigation:

Validate the contents of the sharelib after uploading.

Credit:

The Apache Oozie PMC would like to thank Jonathan Leitschuh for
reporting the issue.

