Ok for me. But I think that means we need to backport ALL known CVE issues that affects 6.x, is that your plan? I'm not sure if we are also expected (by ASF) to upgrade dependencies with known vulnerabilities, e.g. Tika, commons-xxx etc, do you know?
-- Jan Høydahl, search solution architect Cominvent AS - www.cominvent.com > 18. mar. 2019 kl. 08:08 skrev Ishan Chattopadhyaya > <[email protected]>: > > Hi, > There is a severe memory leak bug, > https://issues.apache.org/jira/browse/SOLR-10506 > <https://issues.apache.org/jira/browse/SOLR-10506>, that didn't make it to > the 6x branch at the time of its resolution. > > I propose a 6.6.6 release with that fix (and any others that might be low > hanging, high severity issues). I am volunteering to be the RM for this. > Please let me know if there are any thoughts or objections. > Regards, > Ishan > > Disclaimer: I am primarily interested in this release upon the request of one > of my clients who are impacted by this bug, and I'm proposing to do this > release on their request.
