Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Chesnay Schepler
The vote duration has passed and we have approved the releases. Binding votes: * Stephan * Till * Xintong * Zhu * Gordon I will not finalize the release. On 13/12/2021 20:28, Chesnay Schepler wrote: Hi everyone, This vote is for the emergency patch releases for 1.11, 1.12, 1.13 and 1.14 to

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Tzu-Li (Gordon) Tai
:dev@flink.apache.org ; Till Rohrmann < > trohrm...@apache.org> > Subject:Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate > #1 > > + 1 (non-binding) for releasing flink-1.13.4 and flink-1.14.1 currently > > > * reviewed blog post > * checked

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Yun Gao
-- From:Yun Tang Send Time:2021 Dec. 14 (Tue.) 18:25 To:dev@flink.apache.org ; Till Rohrmann Subject:Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1 + 1 (non-binding) for releasing flink-1.13.4 and flink-1.14.1 currently * reviewed blog post * checked that the hot fix

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Yun Tang
@flink.apache.org ; Till Rohrmann Subject: Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1 I think that should be possible. On 14/12/2021 10:06, Till Rohrmann wrote: > +1 (binding) > > - reviewed blog post > - verified shasum and signatures > - checked that dif

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Chesnay Schepler
on mac os? [1] https://pypi.org/project/apache-flink/1.11.4/#files Best Yun Tang From: Zhu Zhu Sent: Tuesday, December 14, 2021 11:00 To: dev Subject: Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1 +1 (binding) - verified the differences

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-14 Thread Till Rohrmann
rg/project/apache-flink/1.11.4/#files > > Best > Yun Tang > > From: Zhu Zhu > Sent: Tuesday, December 14, 2021 11:00 > To: dev > Subject: Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate > #1 > > +1 (binding) > &g

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Yun Tang
/#files Best Yun Tang From: Zhu Zhu Sent: Tuesday, December 14, 2021 11:00 To: dev Subject: Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1 +1 (binding) - verified the differences of source releases to the corresponding latest releases

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Zhu Zhu
+1 (binding) - verified the differences of source releases to the corresponding latest releases, there are only dependency updates and release version update commits - verified versions of log4j dependencies in the all binary releases are 2.15.0 - ran example jobs against all the binary releases,

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Xintong Song
+1 (binding) - verified checksum and signature - verified that release candidates only contain the log4j dependency changes compared to previous releases. - release notes and blogpost LGTM Thanks a lot for driving these emergency patch releases, Chesnay! Thank you~ Xintong Song On Tue, Dec

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Chesnay Schepler
I forgot to mention something important: The 1.11/1.12 releases do *NOT* contain flink-python releases for *mac* due to compile problems. On 13/12/2021 20:28, Chesnay Schepler wrote: Hi everyone, This vote is for the emergency patch releases for 1.11, 1.12, 1.13 and 1.14 to address

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Chesnay Schepler
Update: All jars are now available. On 13/12/2021 20:28, Chesnay Schepler wrote: Hi everyone, This vote is for the emergency patch releases for 1.11, 1.12, 1.13 and 1.14 to address CVE-2021-44228. It covers all 4 releases as they contain the same changes (upgrading Log4j to 2.15.0) and were

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Stephan Ewen
+1 (binding) - Verified that commit history is identical to previous release (except dependency upgrade and release version commit) - Verified that the source releases reference updated dependency and binary releases contain updated dependency - Blog post looks good - ran bundled examples

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Seth Wiesman
+1 (non-binding) - Checked Log4J version and updated license preambles on all releases - Verified signatures on sources - Reviewed blog post Seth On Mon, Dec 13, 2021 at 1:42 PM Jing Ge wrote: > +1 LGTM. Many thanks for your effort! > > On Mon, Dec 13, 2021 at 8:28 PM Chesnay Schepler >

Re: [VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Jing Ge
+1 LGTM. Many thanks for your effort! On Mon, Dec 13, 2021 at 8:28 PM Chesnay Schepler wrote: > Hi everyone, > > This vote is for the emergency patch releases for 1.11, 1.12, 1.13 and > 1.14 to address CVE-2021-44228. > It covers all 4 releases as they contain the same changes (upgrading >

[VOTE] Release 1.11.5/1.12.6/1.13.4/1.14.1, release candidate #1

2021-12-13 Thread Chesnay Schepler
Hi everyone, This vote is for the emergency patch releases for 1.11, 1.12, 1.13 and 1.14 to address CVE-2021-44228. It covers all 4 releases as they contain the same changes (upgrading Log4j to 2.15.0) and were prepared simultaneously by the same person. (Hence, if something is broken, it