Todd, On Apr 7, 2011, at 4:22 PM, Todd Lipcon wrote:
Is there a list available of which patches you've made this decision about? I'm curious, for example, about MAPREDUCE-2178 -- as of today, the MR security in trunk has a serious vulnerability. Do we plan on fixing it, or will the answer be that, if anyone needs security, they must update to "MR Next Gen"?
Apologies if my original message was abstruse - I want to ensure that there is no confusion between 'forward-port' and 'merge from yahoo- merge branch'.
Let me try to explain again: there are several forward ports from the hadoop-0.20-2xx (branch-0.20-security) which are complete, including MAPREDUCE-2178. They are currently part of the 'yahoo-merge' branch in MapReduce. These are awaiting a merge into trunk. Trunk (with a few merges from yahoo-merge) will have a complete security implementation.
My message was intended to highlight some small number of features/ bugs which are/will-be in hadoop-0.20.2xx. Here is a nearly complete list of such jiras: MAPREDUCE-517, MAPREDUCE-1872, MAPREDUCE-291, MAPREDUCE-2418, MAPREDUCE-2409, MAPREDUCE-2411. I'll check to ensure there aren't others.
Hope that makes sense. Again, apologies for any confusion I've caused. thanks, Arun
