Re: [VOTE] Release Apache Traffic Server 5.3.1 (RC0)

Fri, 03 Jul 2015 11:37:41 -0700 

+1 also tested on CentOS 6.5.

On 7/3/2015 11:03 AM, Phil Sorber wrote:

+1 Tested on CentOS 6.5
On Thu, Jul 2, 2015 at 4:09 PM Bryan Call <[email protected] <mailto:[email protected]>> wrote: 

    +1

    Tested on Fedora 22.  Signatures and regression passed.

    -Bryan


    > On Jun 29, 2015, at 9:56 PM, Phil Sorber <[email protected]
    <mailto:[email protected]>> wrote:
    >
    > Hello All,
    >
    > I've prepared a release for v5.3.1 (RC0) which is the latest
    stable release
    > in the 5.3.x series. This is the second release in our Long Term
    Support
    > (LTS) version as detailed in our Release Management document:
    >
    > https://cwiki.apache.org/confluence/display/TS/Release+Management
    >
    > Changes since 5.3.0:
    >
    >
    
https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327092&projectId=12310963
    >
    > Of special note are two fixes for CVE-2015-3249 that effect the
    HTTP/2
    > experimental feature in Apache Traffic Server 5.3.0. They are
    both DOS
    > attacks and can be avoided by simply disabling HTTP/2 or upgrading.
    >
    > A summary of the new features in 5.3.x are here:
    >
    >
    https://cwiki.apache.org/confluence/display/TS/What%27s+new+in+v5.3.x
    >
    > Information about upgrading to this release from previous ones
    is available
    > at:
    >
    > https://cwiki.apache.org/confluence/display/TS/Upgrading+to+v5.0
    >
    > The cache in this release is compatible with the previous 5.x
    and 4.x
    > releases.
    >
    > The artifacts are available for download at:
    >
    >
    http://people.apache.org/~sorber/releases/trafficserver/5.3.1-rc0/
    <http://people.apache.org/%7Esorber/releases/trafficserver/5.3.1-rc0/>
    >
    > MD5: 9c0e2450b1dd1bbdd63ebcc344b5a813
    > SHA1: 771d3fafac6b8e144376fb16398f03b79f39912f
    >
    > This corresponds to git:
    >
    > Hash: 38b4113f5e9e6aa6c659c4f5e0eaf7db2f1ff67e
    > Tag: 5.3.1-rc0
    >
    > Which can be verified with the following:
    >
    > git tag -v 5.3.1-rc0
    >
    > My code signing key is available here:
    >
    > http://people.apache.org/~sorber/gpg-code-signing-key.asc
    <http://people.apache.org/%7Esorber/gpg-code-signing-key.asc>
    >
    > Make sure you refresh from a key server to get all relevant
    signatures.
    >
    > The vote is open until Jul 2nd 2015. This is shorter than normal
    because it
    > is a bug fix/security release and the holiday weekend.
    >
    > Thanks All!

Reply via email to