[
https://issues.apache.org/jira/browse/ZOOKEEPER-1604?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15192245#comment-15192245
]
Eric Yang commented on ZOOKEEPER-1604:
--------------------------------------
Konstantin,
Exim is a soft target for root exploit. I am only stating the obvious to help
Apache projects.
https://www.cvedetails.com/vulnerability-list/vendor_id-10919/product_id-19563/Exim-Exim.html
What you do with this information is entirely up to you. The patch to remove
redhat-lsb-core is located here:
https://issues.apache.org/jira/browse/BIGTOP-1194
Inverse patch it, then your system has one less threat.
What the community does to remove rpm packages from the projects, that is
community's choice. I respect that, but it is also irritating to see that
projects are all tight up to a monolithic packaging project. BigTop copied
packaging technique from HADOOP-6255 to enable support for packaging both deb
and rpm packages for most of the projects surrounding Hadoop. While I
appreciate the hard work that bigtop committers invested in Bigtop. It is just
awkward to use for people that don't want to have the monolithic build system.
It's like a zombie that put on a blue dress to imitate Elsa from Disney Frozen.
The bigtop show just won't work for some parents.
> remove rpm/deb/... packaging
> ----------------------------
>
> Key: ZOOKEEPER-1604
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1604
> Project: ZooKeeper
> Issue Type: Task
> Components: build
> Affects Versions: 3.3.0
> Reporter: Patrick Hunt
> Assignee: Chris Nauroth
> Fix For: 3.5.2, 3.6.0
>
> Attachments: ZOOKEEPER-1604.001.patch, ZOOKEEPER-1604.patch
>
>
> Remove rpm/deb/... packaging from our source repo. Now that BigTop is
> available and fully supporting ZK it's no longer necessary for us to attempt
> to include this.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
