The CVE is for documentation and the hardening of default behavior, it's not your typical zero day.
On Mon, Mar 22, 2021 at 10:53 PM Gary Gregory <[email protected]> wrote: > > You are acknowledging a CVE _before_ a release? > > Gary > > > On Mon, Mar 22, 2021, 15:40 Robert Scholte <[email protected]> wrote: > > > Hi, > > > > For the details about this release, please read > > https://maven.apache.org/docs/3.8.0/release-notes.html > > Also please provide feedback on the release notes. (as you know, these are > > published separately from the release, so it doesn't have to block the > > release itself) > > > > We solved 5 issues: > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922&version=12350003&styleName=Text > > > > There are still a couple of issues left in JIRA: > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%2012316922%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20key%20DESC%2C%20priority%20DESC > > > > Staging repo: > > https://repository.apache.org/content/repositories/maven-1633/ > > > > > > https://dist.apache.org/repos/dist/release/maven/maven-3/3.8.0/binaries/apache-maven-3.8.0-bin.zip > > > > https://dist.apache.org/repos/dist/release/maven/maven-3/3.8.0/source/apache-maven-3.8.0-src.zip > > > > > > Source release checksum(s): > > > > apache-maven-3.8.0-bin.zip sha512: > > b56da9a0efa45e084e4882b795787fc7b61970d19835635b2db099b91a9854f14e3776a01d569e3f7af9db946a05af91abbfad41cdc5ac09e90df25077dec01e > > > > apache-maven-3.8.0-src.zip sha512: > > 51a1570894e8fb1ef52cb19ce472866745ccae2720e45304edd3cabc212cdf105937c76502558fe87995aea81c41402d7f581cc8e9393af234b64696e9a45893 > > > > > > Staging site: > > https://maven.apache.org/ref/3-LATEST/ > > > > Guide to testing staged releases: > > https://maven.apache.org/guides/development/guide-testing-releases.html > > > > Vote open for at least 72 hours. > > > > [ ] +1 > > [ ] +0 > > [ ] -1 > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
