+1 (binding) I did the following tests:
- verified checksum and gpg signature of the artifacts - I built the source code (incl. the C-client, using -Pfull-build) on Mac - all the java unit tests passed for me - apache-rat passed - checkstyle and spotbugs passed - owasp (CVE check) passed - verified TLS v1.3 connectivity (both quorum and client) - run zk-smoketest.py and zk-latencies.py on a 3-node ensemble successfully - compared generated release notes ( https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.6-candidate-1/website/releasenotes.html) with Jira ( https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12356280 ) Andor > On Jan 28, 2026, at 14:40, Andor Molnár <[email protected]> wrote: > > Hi team, > > This is a release candidate for 3.8.6. > > This is a minor release with bug- and security fixes. Important to note the > upgrade of > Jetty / Netty / Jline libraries to address recent CVEs. > > The full release notes is available at: > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12356280 > > *** Please download, test and vote by February 6th 2026, 23:59 UTC+0. *** > > Source files: > https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.6-candidate-1/ > > Maven staging repo: > https://repository.apache.org/content/repositories/orgapachezookeeper-1114/ > > The release candidate tag in git to be voted upon: release-3.8.6-1 > https://github.com/apache/zookeeper/tree/release-3.8.6-1 > > ZooKeeper's KEYS file containing PGP keys we use to sign the release: > https://www.apache.org/dist/zookeeper/KEYS > > The staging version of the website is: > https://dist.apache.org/repos/dist/dev/zookeeper/zookeeper-3.8.6-candidate-1/website/index.html > > Should we release this candidate? > > Andor > >
