[
https://issues.apache.org/jira/browse/HBASE-7126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14356338#comment-14356338
]
Hadoop QA commented on HBASE-7126:
----------------------------------
{color:red}-1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12703823/HBASE-7126-v1.patch
against master branch at commit 09e9c92d7699b985f45a48242a24af7c848926f0.
ATTACHMENT ID: 12703823
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+0 tests included{color}. The patch appears to be a
documentation patch that doesn't require tests.
{color:green}+1 hadoop versions{color}. The patch compiles with all
supported hadoop versions (2.4.1 2.5.2 2.6.0)
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 checkstyle{color}. The applied patch does not increase the
total number of checkstyle errors
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 2.0.3) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:red}-1 lineLengths{color}. The patch introduces the following lines
longer than 100:
+Please use link:https://issues.apache.org/jira/browse/hbase[JIRA] to
report non-security-related bugs.
+To protect existing HBase installations from new vulnerabilities, please *do
not* use JIRA to report security-related bugs. Instead, send your report to the
mailing list [email protected], which allows anyone to send messages, but
restricts who can read them. Someone on that list will contact you to follow up
on your report.
+NOTE: To protect existing HBase installations from exploitation, please *do
not* use JIRA to report security-related bugs. Instead, send your report to the
mailing list [email protected], which allows anyone to send messages, but
restricts who can read them. Someone on that list will contact you to follow up
on your report.
+HBase adheres to the Apache Software Foundation's policy on reported
vulnerabilities, available at http://apache.org/security/.
+If you wish to send an encrypted report, you can use the GPG details provided
for the general ASF security list. This will likely increase the response time
to your report.
{color:red}-1 site{color}. The patch appears to cause mvn site goal to
fail.
{color:red}-1 core tests{color}. The patch failed these unit tests:
Test results:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//testReport/
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop2-compat.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-prefix-tree.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-rest.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-thrift.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-annotations.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-examples.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-client.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop-compat.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-server.html
Findbugs warnings:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/newPatchFindbugsWarningshbase-protocol.html
Checkstyle Errors:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//artifact/patchprocess/checkstyle-aggregate.html
Console output:
https://builds.apache.org/job/PreCommit-HBASE-Build/13172//console
This message is automatically generated.
> Update website with info on how to report security bugs
> --------------------------------------------------------
>
> Key: HBASE-7126
> URL: https://issues.apache.org/jira/browse/HBASE-7126
> Project: HBase
> Issue Type: Task
> Components: documentation
> Reporter: Eli Collins
> Assignee: Misty Stanley-Jones
> Priority: Critical
> Labels: website
> Fix For: 2.0.0
>
> Attachments: HBASE-7126-v1.patch, HBASE-7126.patch
>
>
> The HBase website should be updated with information on how to report
> potential security vulnerabilities. In Hadoop land we have a private security
> list that anyone case post to that we point to on our list page: Hadoop
> example http://hadoop.apache.org/general_lists.html#Security.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
