Calling this vote with 3 binding +1's. I'll be making a release announcement soon. Thanks to everyone who participated.
On Fri, Jul 3, 2015 at 10:03 AM Phil Sorber <[email protected]> wrote: > +1 Tested on CentOS 6.5 > > > On Thu, Jul 2, 2015 at 4:09 PM Bryan Call <[email protected]> wrote: > >> +1 >> >> Tested on Fedora 22. Signatures and regression passed. >> >> -Bryan >> >> >> > On Jun 29, 2015, at 9:56 PM, Phil Sorber <[email protected]> wrote: >> > >> > Hello All, >> > >> > I've prepared a release for v5.3.1 (RC0) which is the latest stable >> release >> > in the 5.3.x series. This is the second release in our Long Term Support >> > (LTS) version as detailed in our Release Management document: >> > >> > https://cwiki.apache.org/confluence/display/TS/Release+Management >> > >> > Changes since 5.3.0: >> > >> > >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327092&projectId=12310963 >> > >> > Of special note are two fixes for CVE-2015-3249 that effect the HTTP/2 >> > experimental feature in Apache Traffic Server 5.3.0. They are both DOS >> > attacks and can be avoided by simply disabling HTTP/2 or upgrading. >> > >> > A summary of the new features in 5.3.x are here: >> > >> > https://cwiki.apache.org/confluence/display/TS/What%27s+new+in+v5.3.x >> > >> > Information about upgrading to this release from previous ones is >> available >> > at: >> > >> > https://cwiki.apache.org/confluence/display/TS/Upgrading+to+v5.0 >> > >> > The cache in this release is compatible with the previous 5.x and 4.x >> > releases. >> > >> > The artifacts are available for download at: >> > >> > http://people.apache.org/~sorber/releases/trafficserver/5.3.1-rc0/ >> > >> > MD5: 9c0e2450b1dd1bbdd63ebcc344b5a813 >> > SHA1: 771d3fafac6b8e144376fb16398f03b79f39912f >> > >> > This corresponds to git: >> > >> > Hash: 38b4113f5e9e6aa6c659c4f5e0eaf7db2f1ff67e >> > Tag: 5.3.1-rc0 >> > >> > Which can be verified with the following: >> > >> > git tag -v 5.3.1-rc0 >> > >> > My code signing key is available here: >> > >> > http://people.apache.org/~sorber/gpg-code-signing-key.asc >> > >> > Make sure you refresh from a key server to get all relevant signatures. >> > >> > The vote is open until Jul 2nd 2015. This is shorter than normal >> because it >> > is a bug fix/security release and the holiday weekend. >> > >> > Thanks All! >> >>
