On Aug 27, 2010, at 12:25 AM, Leif Hedstrom wrote: > Hi all, > > I've prepared a new package for a v2.0.1 release. Please take a look at the > artifacts, check the STATUS/README/CHANGES files, and do builds and tests. > Remember that 2.0.x releases only builds on some limited number of Linux > distribution, and no other Unix flavors are supported. > > After finishing your examination of the release candidate, please cast your > +/-/0 votes, I will call the vote on 8/30. The src tar-ball and signatures > are available in > > http://people.apache.org/~zwoop/rel-candidates/ > > > The relevant files are: > > -rw-r--r-- 1 zwoop zwoop 2857437 Aug 26 23:55 trafficserver-2.0.1.tar.bz2 > -rw-r--r-- 1 zwoop zwoop 836 Aug 26 23:55 > trafficserver-2.0.1.tar.bz2.asc > -rw-r--r-- 1 zwoop zwoop 62 Aug 26 23:55 > trafficserver-2.0.1.tar.bz2.md5 > -rw-r--r-- 1 zwoop zwoop 70 Aug 26 23:55 > trafficserver-2.0.1.tar.bz2.sha1 > > > Checksums are: > > SHA1: 2a5fdc36665585908b6ab8d5f063570d8ba4cd02 trafficserver-2.0.1.tar.bz2 > MD5: 94fc8b032eea873a1a4838249c0408a2 trafficserver-2.0.1.tar.bz2 > > > This is primarily a release to address CVE-2010-2952, but a couple of > approved backported patches are also applied. A patch for v2.0.0 is also > available on the dist mirrors, which only addresses the CVE-2010-2952 > incident. > > Special thanks to Tim Brown for reporting the DNS vulnerabilities, and for > giving us ample time to address the deficiencies. >
+1
