Re: An Apache Zookeeper Security Vulnerability

If logging is higher than DEBUG level, the message will not print. The Log.debug() method will check the log level internally. Adding the external check is simply a potential performance optimization. Thanks. On Mon, Aug 12, 2019, 10:41 PM Xiaoqin Fu wrote: > Dear developers: > I am a

An Apache Zookeeper Security Vulnerability

Dear developers: I am a Ph.D. student at Washington State University. I applied dynamic taint analyzer (distTaint) to Apache Zookeeper (version 3.4.11). And then I find a security vulnerability, that exists from 3.4.11-3.4.14 and 3.5.5, from tainted paths. An information leakage from

[jira] [Created] (ZOOKEEPER-3504) An information leakage from FileTxnSnapLog to log:

xiaoqin.fu created ZOOKEEPER-3504: - Summary: An information leakage from FileTxnSnapLog to log: Key: ZOOKEEPER-3504 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3504 Project: ZooKeeper

Re: Two Apache Zookeeper security vulnerabilities

Agreed with Enrico and Patrick, those informations in log seems not critical to me, doesn't sound like a "Security issue". Regards, Fangmin On Mon, Aug 5, 2019 at 10:53 PM Patrick Hunt wrote: > On Mon, Aug 5, 2019 at 10:17 PM Enrico Olivelli > wrote: > > > Xiaoqin > > > > Il giorno mar 6 ago

Jenkins build is still unstable: zookeeper-master-maven-jdk12 #91

See

ZooKeeper_branch35_jdk8 - Build # 1503 - Failure

See https://builds.apache.org/job/ZooKeeper_branch35_jdk8/1503/ ### ## LAST 60 LINES OF THE CONSOLE ### [...truncated 68.51 KB...] [junit] Tests run: 1, Failures:

Jenkins build is back to stable : PreCommit-ZOOKEEPER-github-pr-build-maven #1112

See

Jenkins build became unstable: PreCommit-ZOOKEEPER-github-pr-build-maven #1111

See

Jenkins build became unstable: zookeeper-master-maven-jdk11 #95

See

Jenkins build is back to normal : PreCommit-ZOOKEEPER-github-pr-build-maven #1110

See

Build failed in Jenkins: zookeeper-master-maven-owasp #93

See -- [...truncated 259.35 KB...] Generating