Thank you all for voting on the Apache Ratis Release 2.0.0 rc4. Vote passes with 7 +1 binding votes 2 +1 non-binding votes 0 -1 votes
+1 votes from Elek Marton (binding) Shashikant Banerjee (binding) Lokesh Jain (binding) Tsz Wo Nicholas Sze (binding) Xiaoyu Yao (binding) Hanisha Koneru (binding) Runzhiwang (binding) Chris Nauroth (non-binding) Rui Wang (non-binding) Regards runzhiwang Tsz Wo Sze <[email protected]> 于2021年3月23日周二 下午12:09写道: > Hi runzhiwang, > > I checked the vulnerabilities. Both vulnerabilities are related to Http so > that Ratis is not affected as mentioned by Marton. I agree that we can > continue the release. Thanks a lot. > > Tsz-Wo > > > On Tue, Mar 23, 2021 at 10:52 AM runzhiwang <[email protected]> > wrote: > > > > As far as I understood Ratis/Ozone are not affected by these > > > vulnerabilities. > > > > > I am +1 to create new ratis-thirdparty release, but IMHO we don't need > > > to cancel the current 2.0.0 vote, we can close it and release the > > > artifacts > > > > @Tsz-wo What do you think ? > > > > Arpit Agarwal <[email protected]> 于2021年3月23日周二 上午5:58写道: > > > > > Can we conclude this vote now? > > > > > > > On Mar 22, 2021, at 7:38 AM, Elek, Marton <[email protected]> wrote: > > > > > > > > > > > > > > > > On 3/20/21 3:48 AM, Tsz Wo Sze wrote: > > > >> In https://issues.apache.org/jira/browse/RATIS-1342 , we have > bumped > > > Netty > > > >> version to 4.1.60.Final in ratis-thirdparty due to the Netty > > > >> vulnerabilities. > > > >> - > > > https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2 > > > >> - > > > https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj > > > >> Should we also have a ratis-thridparty release? > > > >> > > > > > > > > As far as I understood Ratis/Ozone are not affected by these > > > vulnerabilities. > > > > > > > > I am +1 to create new ratis-thirdparty release, but IMHO we don't > need > > > to cancel the current 2.0.0 vote, we can close it and release the > > > artifacts... > > > > > > > > Marton > > > > > > > > >
