Hi Denes, Great idea, thanks for volunteering. What is the CVE fix for Jetty you're referring to? This one? https://github.com/apache/oozie/commit/f1e01a9e155692aa5632f4573ab1b3ebeab7ef45
Andras On Mon, Feb 1, 2021 at 2:41 PM Gézapeti <gezap...@apache.org> wrote: > Hey Denes, > > I'm happy to hear this! I'm good with a 5.2.1 release with the fixes > you've proposed. > Can you get the ball rolling on the branch-5.2 with cherry-picks? > I think you can commit cherry-picks if there are no conflicts. > > Thanks again, > gp > > On 2021/01/30 14:21:56, D��nes Bod�� <dionu...@apache.org> wrote: > > Hi gp! > > > > There is a couple of improvement and fix in Cloudera repository which > are intended to be merged into Apache upstream. Thus I recommend to have an > 5.2.1 release with only critical fixes not to risk stability. > > These are the ones I thought about: > > * OOZIE-3601 Upgrade quartz to 2.3.2 > > * OOZIE-3549 Add back support for truststore passwords > > * CVE fix for Jetty > > > > Let me know your thougs, please. > > > > Thanks, > > Denes > > > > On 2021/01/21 20:18:17, Gézapeti Cseh <gezap...@apache.org> wrote: > > > Hi Oozie team, > > > > > > I'd like to have a new Oozie release soon-ish. There are great > > > improvements in the master which are waiting to go out. > > > Are there any outstanding tickets you want to see in the next release > and > > > we should wait for? > > > > > > gp > > > > > >
