Hi, Please merge all the required changes to the branch branch_7_7 I shall cut the branch in a day or two
On Mon, Apr 6, 2020 at 6:14 PM jim ferenczi <[email protected]> wrote: > > Hi Paul, > Ignacio have started the release process for a bug fix release of 8.5.1 last > week. > We cannot have two releases at the same time so would you agree to start > 7.7.3 after 8.5.1 is out ? > I'd also like to backport LUCENE-9300 in 7.7 (the reason why we started a. > 8.5.1 release) so don't hesitate if you need help or to delegate the release > if you don't have the time at the moment. > > - Jim > > > Le mar. 18 févr. 2020 à 18:35, Houston Putman <[email protected]> a > écrit : >> >> I've backported SOLR-13v69. After you add in SOLR-14013 Noble, we should be >> good to go with 7.7.3 I think. >> >> - Houston >> >> On Fri, Feb 14, 2020 at 1:17 PM Jan Høydahl <[email protected]> wrote: >>> >>> Falde alarm, I needed to update my branch :) >>> >>> Jan Høydahl >>> >>> 14. feb. 2020 kl. 19:11 skrev Jan Høydahl <[email protected]>: >>> >>> What commit hash is the backport of SOLR-13971? I cannot find it and there >>> is no CHANGES entry…? >>> >>> 14. feb. 2020 kl. 17:52 skrev Ishan Chattopadhyaya >>> <[email protected]>: >>> >>> +1, Houston. That's my understanding as well. Please go ahead with the >>> backport. >>> >>> On Fri, 14 Feb, 2020, 9:02 PM Houston Putman, <[email protected]> >>> wrote: >>>> >>>> It looks like CVE-2019-17558 / SOLR-13971 has already been taken care of: >>>> https://issues.apache.org/jira/browse/SOLR-13971?focusedCommentId=17014356&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17014356 >>>> >>>> So now CVE-2019-0193 / SOLR-13669 should be the only blocker. By the >>>> description in the JIRA, it looks like backporting >>>> https://github.com/apache/lucene-solr/commit/025f8763549151397284af28091cfd360307baa2 >>>> should be enough. Is this correct, or am I missing something? >>>> >>>> - HOuston >>>> >>>> On Thu, Feb 13, 2020 at 12:59 PM Jan Høydahl <[email protected]> wrote: >>>> >>>> I’m afraid I don’t have the bandwidth the next couple of weeks. >>>> >>>> Jan Høydahl >>>> >>>> > 13. feb. 2020 kl. 16:27 skrev Noble Paul <[email protected]>: >>>> > >>>> > Do you wish to backport them? >>>> > >>>> >> On Thu, Feb 13, 2020 at 7:55 PM Jan Høydahl <[email protected]> >>>> >> wrote: >>>> >> >>>> >> According to NVD, there are at least two published CVEs that affects >>>> >> 7.7.2 (CVE-2019-17558 / SOLR-13971 and CVE-2019-0193 / SOLR-13669). We >>>> >> cannot release 7.7.3 with these still present. >>>> >> >>>> >> Jan >>>> >> >>>> >> 13. feb. 2020 kl. 06:42 skrev Noble Paul <[email protected]>: >>>> >> >>>> >> I'm planning to back port SOLR-14013 and do a bug fix release soon. >>>> >> Please let me know if there is anything hat you wish to be included >>>> >> >>>> >> -- >>>> >> ----------------------------------------------------- >>>> >> Noble Paul >>>> >> >>>> >> --------------------------------------------------------------------- >>>> >> To unsubscribe, e-mail: [email protected] >>>> >> For additional commands, e-mail: [email protected] >>>> >> >>>> >> >>>> > >>>> > >>>> > -- >>>> > ----------------------------------------------------- >>>> > Noble Paul >>>> > >>>> > --------------------------------------------------------------------- >>>> > To unsubscribe, %-mail: [email protected] >>>> > For additional commands, e-mail: [email protected] >>>> > >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> >>> -- ----------------------------------------------------- Noble Paul --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
