I canceled this vote, and will do recut the Camel 2.14.2 later today. Please don’t merge any patch to camel-2.14.x today.
-- Willem Jiang Red Hat, Inc. Web: http://www.redhat.com Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On March 3, 2015 at 2:35:50 PM, Willem Jiang (willem.ji...@gmail.com) wrote: > We should include the patch in the new release of Camel 2.14.2. > So I change my vote to -1 and will do a new cut of it shortly. > > > -- > Willem Jiang > > Red Hat, Inc. > Web: http://www.redhat.com > Blog: http://willemjiang.blogspot.com (English) > http://jnn.iteye.com (Chinese) > Twitter: willemjiang > Weibo: 姜宁willem > > > > On March 2, 2015 at 3:23:26 PM, Siano, Stephan (stephan.si...@sap.com) wrote: > > Hi, > > > > The version does still contain the XXE vulnerability for XPath and the > > XmlConverter > > (CAMEL-8311 and CAMEL-8312). I think this is about as serious as the issues > > from CVE-2014-0002 > > and CVE-2014-0003, so these two patches should really be in there. > > > > -1 (non binding) > > > > Best regards > > Stephan > > > > -----Original Message----- > > From: Willem Jiang [mailto:willem.ji...@gmail.com] > > Sent: Samstag, 28. Februar 2015 14:29 > > To: dev@camel.apache.org > > Subject: [VOTE] Release Camel 2.14.1 > > > > This is a vote to release Apache Camel 2.14.2, a patch release coming > > with about 94 issues fixed. > > > > Release notes: > > 2.14.2 > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12329070&styleName=Html&projectId=12311211 > > > > > > > > Staging repo: > > 2.14.2 > > https://repository.apache.org/content/repositories/orgapachecamel-1024 > > > > > > Tarballs: > > 2.14.2 > > https://repository.apache.org/content/repositories/orgapachecamel-1024/org/apache/camel/apache-camel/2.14.2/ > > > > > > > > Tag: > > 2.14.2 > > https://git-wip-us.apache.org/repos/asf?p=camel.git;a=tag;h=c8ab49cbaa9c5c8ae776176f7703f5d757fd10cd > > > > > > Please test this release candidate and cast your vote. > > [ ] +1 Release the binary as Apache Camel 2.14.2 > > [ ] -1 Veto the release (provide specific comments) > > Vote is open for at least 72 hours. > > > > -- > > Willem Jiang > > > > Red Hat, Inc. > > Web: http://www.redhat.com > > Blog: http://willemjiang.blogspot.com (English) > > http://jnn.iteye.com (Chinese) > > Twitter: willemjiang > > Weibo: 姜宁willem > > > > > > > > > >
