Consider this: https://issues.apache.org/jira/browse/SOLR-14165 <https://issues.apache.org/jira/browse/SOLR-14165> which prevents rolling upgrade 8.3->8.4 (introduced with 8.4.0).
Jan > 8. jan. 2020 kl. 14:40 skrev Ishan Chattopadhyaya <[email protected]>: > > Tentatively planning to build the RC1 on 9th January night or 10th > January morning (India time). > Thanks, > Ishan > > On Wed, Jan 8, 2020 at 7:09 PM Ishan Chattopadhyaya > <[email protected]> wrote: >> >> I'm waiting for SOLR-14158 to be merged and will build the RC1. If >> there are any fixes that should be backported, in your best judgement, >> please feel free to port them to the branch_8_4 and let me know. >> Thanks and regards, >> Ishan >> >> On Mon, Jan 6, 2020 at 8:17 PM Ishan Chattopadhyaya >> <[email protected]> wrote: >>> >>> Thanks Jan. I'll volunteer! >>> I'd like to include SOLR-14158. It is a security issue. TLDR for that >>> issue: if someone uses package manager and has ZK exposed to external >>> traffic (by mistake or via a breach of outer perimeter), then RCE is >>> possible on all Solr nodes since trusted keys are kept in ZK. We have >>> documented that users mustn't expose ZK when using the package >>> manager, but we feel we should do better and plug that hole. The >>> proposed change in the issue is to store keys in filesystem, which is >>> more secure than storing in ZK. >>> >>> On Mon, Jan 6, 2020 at 8:02 PM Jan Høydahl <[email protected]> wrote: >>>> >>>> I’m calling off the 8.4.1 bugfix release for now. So feel free to grab the >>>> RM chair if you have any other urgent itches to scrach :) >>>> >>>> Jan >>>> >>>>> 6. jan. 2020 kl. 09:36 skrev Jan Høydahl <[email protected]>: >>>>> >>>>> Regarding 8.4.1 release, there won’t be an RC today. >>>>> >>>>> If setting SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION=false proves a viable >>>>> workaorund short term I may not push for an 8.4.1 at all. >>>>> So feel free to continue discussion on whether there are other bugs that >>>>> warrant an 8.4.1 releaes… >>>>> >>>>> Jan >>>>> >>>>>> 3. jan. 2020 kl. 14:57 skrev Jan Høydahl <[email protected]>: >>>>>> >>>>>> Happy new year! >>>>>> >>>>>> I have merged these two fixes into branch_8_4 >>>>>> >>>>>> * SOLR-14106: Cleanup Jetty SslContextFactory usage (Ryan Rockenbaugh, >>>>>> Jan Hoydahl, Kevin Risden) >>>>>> * SOLR-14109: Always log to stdout from >>>>>> server/scripts/cloud-scripts/zkcli.{bat|sh} (janhoy) >>>>>> >>>>>> Still planning to roll a first RC for 8.4.1 release on Monday, so make >>>>>> sure to get your important JIRAs in by then. >>>>>> >>>>>> Jan >>>>>> >>>>>>> 30. des. 2019 kl. 13:14 skrev Jan Høydahl <[email protected]>: >>>>>>> >>>>>>> Hi >>>>>>> >>>>>>> I propose a quick 8.4.1 bugfix release and I volunteer as RM. >>>>>>> >>>>>>> I plan to build RC1 on Monday January 6th, one week from now. >>>>>>> >>>>>>> Feel free to merge bug fixes to branch_8_4, just drop a word here. >>>>>>> As usual, do NOT merge features or large changes that risk the >>>>>>> stability of the release. >>>>>>> Minor fixes to documentation, build system etc won’t need a mention in >>>>>>> CHANGES, unless you want to give credit to a contributor. >>>>>>> >>>>>>> Please leave branch_8_4 Jenkins jobs running. >>>>>>> >>>>>>> -- >>>>>>> Jan Høydahl, Apache Lucene committer >>>>>>> [email protected] >>>>>>> >>>>>> >>>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] >
