The good news is: we need to release 3.4.15 too. :) Andor
> On 2019. Sep 30., at 20:26, Patrick Hunt <[email protected]> wrote: > > created: https://issues.apache.org/jira/browse/ZOOKEEPER-3563 > > On Mon, Sep 30, 2019 at 11:20 AM Patrick Hunt <[email protected]> wrote: > >> -1 - when I run dependency check on the release candidate artifact it's >> failing with: >> >> [ERROR] netty-transport-4.1.29.Final.jar: CVE-2019-16869 >> >> I ran this on trunk and it's passing, as such it must be an issue with the >> the 3.5.6 netty version specifically. It's listed as a high, we should >> patch this as well before releasing. >> >> Patrick >> >> >> On Sun, Sep 29, 2019 at 7:29 AM Enrico Olivelli <[email protected]> >> wrote: >> >>> This is a bugfix release candidate for 3.5.6. >>> >>> It fixes 28 issues, including upgrade of third party libraries, >>> TTL Node APIs for C API, support for PCKS12 Keystores, and better >>> procedure >>> for the upgrade of servers from 3.4 to 3.5. >>> >>> The full release notes is available at: >>> >>> >>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12345243 >>> >>> *** Please download, test and vote by October 2nd 2019, 23:59 UTC+0. *** >>> >>> Source files: >>> https://people.apache.org/~eolivelli/zookeeper-3.5.6-candidate-2 >>> >>> Maven staging repo: >>> >>> https://repository.apache.org/content/repositories/orgapachezookeeper-1042/ >>> >>> The release candidate tag in git to be voted upon: release-3.5.6-rc2 >>> https://github.com/apache/zookeeper/tree/release-3.5.6-rc2 >>> >>> ZooKeeper's KEYS file containing PGP keys we use to sign the release: >>> https://www.apache.org/dist/zookeeper/KEYS >>> >>> Should we release this candidate? >>> Enrico Olivelli >>> >>
