+1 (non binding I guess)
> On Oct 23, 2014, at 12:21 PM, Rafael Schloming <r...@alum.mit.edu> wrote: > > Hi Everyone, > > I've put together RC4. This is pretty much the same as RC3 with a number of > fixes to disable those SSL versions that are vulnerable to attack. > > The sources are available here: > > - http://people.apache.org/~rhs/qpid-proton-0.8rc4/ > > Java binaries are here: > > - https://repository.apache.org/content/repositories/orgapacheqpid-1020/ > > Changes since RC3: > > - PROTON-724: make sure to pop any pending output in > pn_transport_close_head() > - PROTON-720: [Windows IO] fix format specifier to print string > - added dispatch utility > - fixed error message > - fixed Collector.put > - PROTON-719 : prevent ssl3 connections in Windows with schannel > - PROTON-717: disable SSLv3 > - PROTON-717: mitigate the CRIME SSL vulnerability > - PROTON-716: reject connections using SSLv3 - it is insecure > > Please check the sources out and register your vote: > > [ ] Yes, release Proton 0.8 RC4 as 0.8 final. > [ ] No, because... > > --Rafael
