Re: Backport plan for reported CVEs on 1.13.x branch

[Kirk Lund]

Hi Ankush,

We are in need of more contributors if you're interested in helping!

At this point, we're trying to get a new CI up and running. Then we hope to
maintain the latest version 1.15.x and eventually discuss the feasibility
of new minor or major releases.

Regards,
Kirk

On Tue, Dec 6, 2022 at 5:58 AM Ankush Mittal 
wrote:

> Hi All,
>
> Some of the vulnerabilities reported under [0] seems to be fix in latest
> version of Geode i.e. 1.15.x but fix version doesn’t include 1.13.x, while
> 1.13.x is also impacted. [1]
> Can someone please confirm if the vulnerabilities fix will make it to
> 1.13.9 and what will be the tentative release schedule of the same.
> [2] doesn’t include the release schedule.
>
> Any inputs will be helpful in this regard!
>
> -Thanks & Regards
> Ankush Mittal
>
> [0] https://issues.apache.org/jira/browse/GEODE-10415
> [1] https://issues.apache.org/jira/browse/GEODE-10406
> [2] https://cwiki.apache.org/confluence/display/GEODE/Release+Schedule
>

Backport plan for reported CVEs on 1.13.x branch

[Ankush Mittal]

Hi All,

Some of the vulnerabilities reported under [0] seems to be fix in latest 
version of Geode i.e. 1.15.x but fix version doesn’t include 1.13.x, while 
1.13.x is also impacted. [1]
Can someone please confirm if the vulnerabilities fix will make it to 1.13.9 
and what will be the tentative release schedule of the same.
[2] doesn’t include the release schedule.

Any inputs will be helpful in this regard!

-Thanks & Regards
Ankush Mittal

[0] https://issues.apache.org/jira/browse/GEODE-10415
[1] https://issues.apache.org/jira/browse/GEODE-10406
[2] https://cwiki.apache.org/confluence/display/GEODE/Release+Schedule