date:20200930

[jira] [Resolved] (ZOOKEEPER-3798) remove the useless code in the ProposalRequestProcessor#processRequest

2020-09-30 Thread Michael Han (Jira)



 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3798?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Han resolved ZOOKEEPER-3798.

Fix Version/s: (was: 3.7.0)
   3.6.3
   Resolution: Fixed

Issue resolved by pull request 1335
[https://github.com/apache/zookeeper/pull/1335]

> remove the useless code in the ProposalRequestProcessor#processRequest
> --
>
> Key: ZOOKEEPER-3798
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3798
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: server
>Reporter: maoling
>Priority: Minor
>  Labels: pull-request-available
> Fix For: 3.6.3
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> remove the following useless codes in the 
> ProposalRequestProcessor#processRequest
> {code:java}
> public void processRequest(Request request) throws RequestProcessorException {
> // LOG.warn("Ack>>> cxid = " + request.cxid + " type = " +
> // request.type + " id = " + request.sessionId);
> // request.addRQRec(">prop");
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Assigned] (ZOOKEEPER-3858) Add metrics to track server unavailable time

2020-09-30 Thread Michael Han (Jira)



 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Han reassigned ZOOKEEPER-3858:
--

Assignee: Jie Huang

> Add metrics to track server unavailable time
> 
>
> Key: ZOOKEEPER-3858
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3858
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: metric system
>Reporter: Jie Huang
>Assignee: Jie Huang
>Priority: Minor
> Fix For: 3.6.3
>
>  Time Spent: 20m
>  Remaining Estimate: 0h
>
> These metrics track the time when a ZooKeeper server is up and running but 
> not serving client traffic because it is not part of a quorum. They don't 
> track the hardware down time or ZooKeeper process down time.  
> UNAVAILABLE_TIME: time between LOOKING and BROADCAST
> LEADER_UNAVAILABLE_TIME: time between LOOKING and BROADCAST on the leader
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (ZOOKEEPER-3858) Add metrics to track server unavailable time

2020-09-30 Thread Michael Han (Jira)



 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Han resolved ZOOKEEPER-3858.

Fix Version/s: (was: 3.7.0)
   3.6.3
   Resolution: Fixed

Issue resolved by pull request 1378
[https://github.com/apache/zookeeper/pull/1378]

> Add metrics to track server unavailable time
> 
>
> Key: ZOOKEEPER-3858
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3858
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: metric system
>Reporter: Jie Huang
>Priority: Minor
> Fix For: 3.6.3
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> These metrics track the time when a ZooKeeper server is up and running but 
> not serving client traffic because it is not part of a quorum. They don't 
> track the hardware down time or ZooKeeper process down time.  
> UNAVAILABLE_TIME: time between LOOKING and BROADCAST
> LEADER_UNAVAILABLE_TIME: time between LOOKING and BROADCAST on the leader
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (ZOOKEEPER-3841) remove useless codes in the Leader.java

2020-09-30 Thread Michael Han (Jira)



 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Han resolved ZOOKEEPER-3841.

Fix Version/s: 3.6.3
   Resolution: Fixed

Issue resolved by pull request 1394
[https://github.com/apache/zookeeper/pull/1394]

> remove useless codes in the Leader.java
> ---
>
> Key: ZOOKEEPER-3841
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3841
> Project: ZooKeeper
>  Issue Type: Improvement
>  Components: server
>Reporter: maoling
>Priority: Minor
> Fix For: 3.6.3
>
>  Time Spent: 20m
>  Remaining Estimate: 0h
>
> - There are some useless code in the Leader.java which were comment out.
> - Pls recheck all the things in this class to clear up
> e.g:
> {code:java}
> // Everything is a go, simply start counting the ticks
> // WARNING: I couldn't find any wait statement on a synchronized
> // block that would be notified by this notifyAll() call, so
> // I commented it out
> //synchronized (this) {
> //notifyAll();
> //}
> {code}
> {code:java}
> //turnOffFollowers();
> {code}
> {code:java}
> //LOG.warn("designated leader is: " + designatedLeader);
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712

2020-09-30 Thread Manjunath Mandya Surendrakumar (Jira)



 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Manjunath Mandya Surendrakumar updated ZOOKEEPER-3933:
--
Comment: was deleted

(was: Hi,

Thanks for this fix.

Could you please tell me, when is the fixed version 3.5.9 will be released?

Regards
 Manjunath)

> owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712
> ---
>
> Key: ZOOKEEPER-3933
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3933
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security
>Affects Versions: 3.7.0, 3.5.8, 3.6.2
>Reporter: Patrick D. Hunt
>Priority: Blocker
> Fix For: 3.7.0, 3.5.9, 3.6.3
>
>
> dependency-check is failing with:
> json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ZOOKEEPER-3731) Disable HTTP TRACE Method

2020-09-30 Thread Michel Wigbers (Jira)



[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17204491#comment-17204491
 ] 

Michel Wigbers commented on ZOOKEEPER-3731:
---

Guardian360 is reporting this as a security issue

> Disable HTTP TRACE Method
> -
>
> Key: ZOOKEEPER-3731
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3731
> Project: ZooKeeper
>  Issue Type: Improvement
>Affects Versions: 3.5.7
>Reporter: Aaron
>Priority: Critical
>
> ZooKeeper uses embedded jetty which allows TRACE method by default. This is a 
> widely-known security concern. Please disable HTTP TRACE method.
>  
> CVE-2004-2320, CVE-2010-0386, CVE-2003-1567 for more info.
>  
> Example:
> {quote}{{$ curl -vX TRACE 10.32.99.185:8080}}
> {{* Rebuilt URL to: 10.32.99.185:8080/}}
> {{* Trying 10.32.99.185...}}
> {{* TCP_NODELAY set}}
> {{* Connected to 10.32.99.185 (10.32.99.185) port 8080 (#0)}}
> {{> TRACE / HTTP/1.1}}
> {{> Host: 10.32.99.185:8080}}
> {{> User-Agent: curl/7.59.0}}
> {{> Accept: */*}}
> {{>}}
> {{< HTTP/1.1 200 OK}}
> {{< Date: Tue, 18 Feb 2020 12:38:35 GMT}}
> {{< Content-Type: message/http}}
> {{< Content-Length: 81}}
> {{< Server: Jetty(9.4.17.v20190418)}}
> {{<}}
> {{TRACE / HTTP/1.1}}
> {{User-Agent: curl/7.59.0}}
> {{Accept: */*}}
> {{Host: 10.32.99.185:8080}}
> {{* Connection #0 to host 10.32.99.185 left intact}}{quote}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (ZOOKEEPER-3798) remove the useless code in the ProposalRequestProcessor#processRequest

[jira] [Assigned] (ZOOKEEPER-3858) Add metrics to track server unavailable time

[jira] [Resolved] (ZOOKEEPER-3858) Add metrics to track server unavailable time

[jira] [Resolved] (ZOOKEEPER-3841) remove useless codes in the Leader.java

[jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712

[jira] [Commented] (ZOOKEEPER-3731) Disable HTTP TRACE Method

6 matches

Site Navigation

Mail list logo

Footer information