Checking the OWASP output, we have a few CVEs coming from Omid. Should we do a CVE fix release of Omid before 5.2.2 ?
Istvan On Fri, Mar 14, 2025 at 7:17 AM Istvan Toth <st...@cloudera.com> wrote: > Thank you. > It turns out that I haven't actually committed the PR for HBase 2.5.11. I > have done that now. > > Istvan > > On Thu, Mar 13, 2025 at 8:58 PM Viraj Jasani <vjas...@apache.org> wrote: > >> This would be great! We need to take one final round of CVE list to ensure >> we have covered majority that we can. >> Otherwise, we will mostly see backport of PHOENIX-5117 to 5.2 branch by >> Palash, it should be useful. Once done, we can start 5.2.2 release soon. >> >> While I am not volunteering for 5.2.2, Lokesh might be interested. >> >> >> On Wed, Mar 12, 2025 at 10:50 PM Istvan Toth <st...@apache.org> wrote: >> >> > Hi! >> > >> > I've merged the Hadoop 2.6.2/2.511 updates to Phoenix. >> > I think that the ConnectionInfo pref regression is also fixed. >> > >> > I think that this would be a good time to start working on a 5.2.2 >> release >> > to fix the ConnectionInfo issues and to minimize our CVE exposure. >> > >> > WDYT ? Do you have outstanding issues that you want fixed in 5.2.2 ? >> > Do you have some other objection to starting the release process >> soon-ish ? >> > >> > The only outstanding task in my mind is the regular pre-release CVE >> check >> > and fix pass. >> > It would also be great to improve test stability, but I do not >> > consider that a blocker. >> > >> > If we agree on the release, would someone volunteer to be the RM ? >> > >> > Istvan >> > >> > > > -- > *István Tóth* | Sr. Staff Software Engineer > *Email*: st...@cloudera.com > cloudera.com <https://www.cloudera.com> > [image: Cloudera] <https://www.cloudera.com/> > [image: Cloudera on Twitter] <https://twitter.com/cloudera> [image: > Cloudera on Facebook] <https://www.facebook.com/cloudera> [image: > Cloudera on LinkedIn] <https://www.linkedin.com/company/cloudera> > ------------------------------ > ------------------------------ > -- *István Tóth* | Sr. Staff Software Engineer *Email*: st...@cloudera.com cloudera.com <https://www.cloudera.com> [image: Cloudera] <https://www.cloudera.com/> [image: Cloudera on Twitter] <https://twitter.com/cloudera> [image: Cloudera on Facebook] <https://www.facebook.com/cloudera> [image: Cloudera on LinkedIn] <https://www.linkedin.com/company/cloudera> ------------------------------ ------------------------------
