That's my recollection too. Closing that ticket. On Thu, Feb 16, 2023 at 1:09 PM Trevor Grant <trevor.d.gr...@gmail.com> wrote:
> On 2 (log4j) iirc, we didn't since the vulnerability only affects log4j 2.x > and we're on 1.x > > tg > > On Thu, Feb 16, 2023 at 1:42 PM Andrew Musselman <a...@apache.org> wrote: > > > Looking through our log I see some small improvements along with a new > > version of ridge regression that haven't made it into a release. > > > > Along with that there are several tickets that would be good to get done > > and into a release, including: > > > > Build failed on AArch64, Fedora 33: > > https://issues.apache.org/jira/browse/MAHOUT-2139 (need a repro) > > Update log4j: https://issues.apache.org/jira/browse/MAHOUT-2140 (need to > > decide whether this is necessary) > > Web site check: https://issues.apache.org/jira/browse/MAHOUT-2152 > > Download page improvements: > > https://issues.apache.org/jira/browse/MAHOUT-2153 > > Update NOTICE: https://issues.apache.org/jira/browse/MAHOUT-2154 > > and > > Migrate off Travis: https://issues.apache.org/jira/browse/MAHOUT-2149 > > which > > is required now to roll a release out > > > > We have our community call next Wednesday where we can talk these issues > > through but in the meantime please feel free to grab something and get it > > going. > > > > Thanks! > > > > Best > > Andrew > > >