[jira] [Commented] (KAFKA-15945) Flaky test - testSyncTopicConfigs() – org.apache.kafka.connect.mirror.integration.MirrorConnectorsIntegrationBaseTest
[ https://issues.apache.org/jira/browse/KAFKA-15945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17791951#comment-17791951 ] Atul Sharma commented on KAFKA-15945: - Raised PR: https://github.com/apache/kafka/pull/14893 > Flaky test - testSyncTopicConfigs() – > org.apache.kafka.connect.mirror.integration.MirrorConnectorsIntegrationBaseTest > - > > Key: KAFKA-15945 > URL: https://issues.apache.org/jira/browse/KAFKA-15945 > Project: Kafka > Issue Type: Bug > Components: mirrormaker >Affects Versions: 3.7.0 >Reporter: Andrew Schofield >Priority: Major > Labels: flaky-test > > Last seen: > https://ci-builds.apache.org/blue/organizations/jenkins/Kafka%2Fkafka-pr/detail/PR-14811/7/tests > Error > org.opentest4j.AssertionFailedError: `delete.retention.ms` should be 2000, > because it's explicitly defined on the target topic! ==> expected: <2000> > but was: <8640> > Stacktrace > org.opentest4j.AssertionFailedError: `delete.retention.ms` should be 2000, > because it's explicitly defined on the target topic! ==> expected: <2000> > but was: <8640> > at > app//org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151) > at > app//org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132) > at > app//org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:197) > at > app//org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:182) > at > app//org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:1152) > at > app//org.apache.kafka.connect.mirror.integration.MirrorConnectorsIntegrationBaseTest.lambda$testSyncTopicConfigs$8(MirrorConnectorsIntegrationBaseTest.java:780) > at > app//org.apache.kafka.test.TestUtils.lambda$waitForCondition$3(TestUtils.java:331) > at > app//org.apache.kafka.test.TestUtils.retryOnExceptionWithTimeout(TestUtils.java:379) > at > app//org.apache.kafka.test.TestUtils.waitForCondition(TestUtils.java:328) > at > app//org.apache.kafka.test.TestUtils.waitForCondition(TestUtils.java:312) > at > app//org.apache.kafka.test.TestUtils.waitForCondition(TestUtils.java:302) > at > app//org.apache.kafka.connect.mirror.integration.MirrorConnectorsIntegrationBaseTest.testSyncTopicConfigs(MirrorConnectorsIntegrationBaseTest.java:774) > at > java.base@17.0.7/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > at > java.base@17.0.7/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) > at > java.base@17.0.7/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.base@17.0.7/java.lang.reflect.Method.invoke(Method.java:568) > at > app//org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:728) > at > app//org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60) > at > app//org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131) > at > app//org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:156) > at > app//org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:147) > at > app//org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:86) > at > app//org.junit.jupiter.engine.execution.InterceptingExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(InterceptingExecutableInvoker.java:103) > at > app//org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.lambda$invoke$0(InterceptingExecutableInvoker.java:93) > at > app//org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106) > at > app//org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64) > at > app//org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45) > at > app//org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37) > at > app//org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:92) > at > app//org.junit.jupiter.engine.execution.InterceptingExecutableInvoker.invoke(InterceptingExecutableInvoker.java:86) > at >
[jira] [Created] (KAFKA-15644) Fix CVE-2023-4586 in netty:handler
Atul Sharma created KAFKA-15644: --- Summary: Fix CVE-2023-4586 in netty:handler Key: KAFKA-15644 URL: https://issues.apache.org/jira/browse/KAFKA-15644 Project: Kafka Issue Type: Bug Reporter: Atul Sharma Assignee: Atul Sharma Need to remediate CVE-2023-4586 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4586 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (KAFKA-15610) Fix `CoreUtils.swallow()` test gaps
[ https://issues.apache.org/jira/browse/KAFKA-15610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma reassigned KAFKA-15610: --- Assignee: Atul Sharma > Fix `CoreUtils.swallow()` test gaps > --- > > Key: KAFKA-15610 > URL: https://issues.apache.org/jira/browse/KAFKA-15610 > Project: Kafka > Issue Type: Bug >Reporter: Ismael Juma >Assignee: Atul Sharma >Priority: Minor > Labels: newbie > > For example, it should verify that the passed in `logging` is used in case of > an exception. We found that there is no test for this in > https://github.com/apache/kafka/pull/14529#discussion_r1355277747. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15610) Fix `CoreUtils.swallow()` test gaps
[ https://issues.apache.org/jira/browse/KAFKA-15610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1038#comment-1038 ] Atul Sharma commented on KAFKA-15610: - Hi [~ijuma], can i take this? > Fix `CoreUtils.swallow()` test gaps > --- > > Key: KAFKA-15610 > URL: https://issues.apache.org/jira/browse/KAFKA-15610 > Project: Kafka > Issue Type: Bug >Reporter: Ismael Juma >Priority: Minor > Labels: newbie > > For example, it should verify that the passed in `logging` is used in case of > an exception. We found that there is no test for this in > https://github.com/apache/kafka/pull/14529#discussion_r1355277747. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (KAFKA-15521) Refactor build.gradle to align gradle swagger plugin with swagger dependencies
[ https://issues.apache.org/jira/browse/KAFKA-15521?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma reassigned KAFKA-15521: --- Assignee: Atul Sharma > Refactor build.gradle to align gradle swagger plugin with swagger dependencies > -- > > Key: KAFKA-15521 > URL: https://issues.apache.org/jira/browse/KAFKA-15521 > Project: Kafka > Issue Type: Improvement > Components: build >Reporter: Mickael Maison >Assignee: Atul Sharma >Priority: Major > > We use both the Swagger Gradle plugin > "io.swagger.core.v3.swagger-gradle-plugin" and 2 Swagger dependencies > swaggerAnnotations and swaggerJaxrs2. The version for the Gradle plugin is in > build.gradle while the version for the dependency is in > gradle/dependencies.gradle. > When we upgrade the version of one or the other it sometimes cause build > breakages, for example https://github.com/apache/kafka/pull/13387 and > https://github.com/apache/kafka/pull/14464 > We should try to have the version defined in a single place to avoid breaking > the build again. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15521) Refactor build.gradle to align gradle swagger plugin with swagger dependencies
[ https://issues.apache.org/jira/browse/KAFKA-15521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17771334#comment-17771334 ] Atul Sharma commented on KAFKA-15521: - Hi, [~mimaison] can i take this up? > Refactor build.gradle to align gradle swagger plugin with swagger dependencies > -- > > Key: KAFKA-15521 > URL: https://issues.apache.org/jira/browse/KAFKA-15521 > Project: Kafka > Issue Type: Improvement > Components: build >Reporter: Mickael Maison >Priority: Major > > We use both the Swagger Gradle plugin > "io.swagger.core.v3.swagger-gradle-plugin" and 2 Swagger dependencies > swaggerAnnotations and swaggerJaxrs2. The version for the Gradle plugin is in > build.gradle while the version for the dependency is in > gradle/dependencies.gradle. > When we upgrade the version of one or the other it sometimes cause build > breakages, for example https://github.com/apache/kafka/pull/13387 and > https://github.com/apache/kafka/pull/14464 > We should try to have the version defined in a single place to avoid breaking > the build again. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (KAFKA-15338) The metric group documentation for metrics added in KAFKA-13945 is incorrect
[ https://issues.apache.org/jira/browse/KAFKA-15338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma reassigned KAFKA-15338: --- Assignee: Atul Sharma > The metric group documentation for metrics added in KAFKA-13945 is incorrect > > > Key: KAFKA-15338 > URL: https://issues.apache.org/jira/browse/KAFKA-15338 > Project: Kafka > Issue Type: Bug > Components: streams >Affects Versions: 3.3.0, 3.4.0, 3.3.1, 3.3.2, 3.5.0, 3.4.1, 3.5.1 >Reporter: Neil Buesing >Assignee: Atul Sharma >Priority: Trivial > Labels: beginner, newbie > > ops.html (docs/streams/ops.html) incorrectly states that the metrics type is > "stream-processor-node-metrics", but in looking at the metrics and inspecting > the code in TopicMetrics, these metrics have a type of "stream-topic-metrics". > 4 metrics are in error "bytes-consumed-total", "bytes-produced-total", > "records-consumed-total", and "records-produced-total". > Looks like the type was changed from the KIP, and the documentation still > reflects the KIP. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15338) The metric group documentation for metrics added in KAFKA-13945 is incorrect
[ https://issues.apache.org/jira/browse/KAFKA-15338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17754935#comment-17754935 ] Atul Sharma commented on KAFKA-15338: - can i pick this up? > The metric group documentation for metrics added in KAFKA-13945 is incorrect > > > Key: KAFKA-15338 > URL: https://issues.apache.org/jira/browse/KAFKA-15338 > Project: Kafka > Issue Type: Bug > Components: streams >Affects Versions: 3.3.0, 3.4.0, 3.3.1, 3.3.2, 3.5.0, 3.4.1, 3.5.1 >Reporter: Neil Buesing >Priority: Trivial > Labels: beginner, newbie > > ops.html (docs/streams/ops.html) incorrectly states that the metrics type is > "stream-processor-node-metrics", but in looking at the metrics and inspecting > the code in TopicMetrics, these metrics have a type of "stream-topic-metrics". > 4 metrics are in error "bytes-consumed-total", "bytes-produced-total", > "records-consumed-total", and "records-produced-total". > Looks like the type was changed from the KIP, and the documentation still > reflects the KIP. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15020) integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor test is flaky
[ https://issues.apache.org/jira/browse/KAFKA-15020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17726147#comment-17726147 ] Atul Sharma commented on KAFKA-15020: - https://ci-builds.apache.org/job/Kafka/job/kafka-pr/job/PR-13753/2/testReport/junit/integration.kafka.server/FetchFromFollowerIntegrationTest/Build___JDK_8_and_Scala_2_12___testRackAwareRangeAssignor__/ > integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor > test is flaky > -- > > Key: KAFKA-15020 > URL: https://issues.apache.org/jira/browse/KAFKA-15020 > Project: Kafka > Issue Type: Test >Reporter: Atul Sharma >Priority: Major > > Sometimes the test fails with the following log: > {code:java} > Gradle Test Run :core:integrationTest > Gradle Test Executor 175 > > FetchFromFollowerIntegrationTest > testRackAwareRangeAssignor() FAILED > org.opentest4j.AssertionFailedError: Consumed 0 records before timeout > instead of the expected 2 records > at org.junit.jupiter.api.AssertionUtils.fail(AssertionUtils.java:38) > at org.junit.jupiter.api.Assertions.fail(Assertions.java:135) > at kafka.utils.TestUtils$.pollUntilAtLeastNumRecords(TestUtils.scala:1087) > at > integration.kafka.server.FetchFromFollowerIntegrationTest.$anonfun$testRackAwareRangeAssignor$11(FetchFromFollowerIntegrationTest.scala:216) > at > integration.kafka.server.FetchFromFollowerIntegrationTest.$anonfun$testRackAwareRangeAssignor$11$adapted(FetchFromFollowerIntegrationTest.scala:215) > at scala.collection.mutable.ResizableArray.foreach(ResizableArray.scala:62) > at scala.collection.mutable.ResizableArray.foreach$(ResizableArray.scala:55) > at scala.collection.mutable.ArrayBuffer.foreach(ArrayBuffer.scala:49) > at > integration.kafka.server.FetchFromFollowerIntegrationTest.verifyAssignments$1(FetchFromFollowerIntegrationTest.scala:215) > at > integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor(FetchFromFollowerIntegrationTest.scala:244) > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] (KAFKA-14984) DynamicBrokerReconfigurationTest.testThreadPoolResize() test is flaky
[ https://issues.apache.org/jira/browse/KAFKA-14984 ] Atul Sharma deleted comment on KAFKA-14984: - was (Author: JIRAUSER299965): https://ci-builds.apache.org/job/Kafka/job/kafka-pr/job/PR-13753/2/testReport/junit/integration.kafka.server/FetchFromFollowerIntegrationTest/Build___JDK_8_and_Scala_2_12___testRackAwareRangeAssignor__/ > DynamicBrokerReconfigurationTest.testThreadPoolResize() test is flaky > -- > > Key: KAFKA-14984 > URL: https://issues.apache.org/jira/browse/KAFKA-14984 > Project: Kafka > Issue Type: Test >Reporter: Manyanda Chitimbo >Priority: Major > > The test sometimes fails with the below log > {code:java} > kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize() failed, > log available in > .../core/build/reports/testOutput/kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize().test.stdoutGradle > Test Run :core:test > Gradle Test Executor 6 > > DynamicBrokerReconfigurationTest > testThreadPoolResize() FAILED > org.opentest4j.AssertionFailedError: Invalid threads: expected 6, got 8: > List(data-plane-kafka-socket-acceptor-ListenerName(PLAINTEXT)-PLAINTEXT-0, > data-plane-kafka-socket-acceptor-ListenerName(PLAINTEXT)-PLAINTEXT-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0) ==> > expected: but was: > at > app//org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151) > at > app//org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132) > at > app//org.junit.jupiter.api.AssertTrue.failNotTrue(AssertTrue.java:63) > at > app//org.junit.jupiter.api.AssertTrue.assertTrue(AssertTrue.java:36) > at > app//org.junit.jupiter.api.Assertions.assertTrue(Assertions.java:211) > at > app//kafka.server.DynamicBrokerReconfigurationTest.verifyThreads(DynamicBrokerReconfigurationTest.scala:1634) > at > app//kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize(DynamicBrokerReconfigurationTest.scala:872) > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-14984) DynamicBrokerReconfigurationTest.testThreadPoolResize() test is flaky
[ https://issues.apache.org/jira/browse/KAFKA-14984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17726146#comment-17726146 ] Atul Sharma commented on KAFKA-14984: - https://ci-builds.apache.org/job/Kafka/job/kafka-pr/job/PR-13753/2/testReport/junit/integration.kafka.server/FetchFromFollowerIntegrationTest/Build___JDK_8_and_Scala_2_12___testRackAwareRangeAssignor__/ > DynamicBrokerReconfigurationTest.testThreadPoolResize() test is flaky > -- > > Key: KAFKA-14984 > URL: https://issues.apache.org/jira/browse/KAFKA-14984 > Project: Kafka > Issue Type: Test >Reporter: Manyanda Chitimbo >Priority: Major > > The test sometimes fails with the below log > {code:java} > kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize() failed, > log available in > .../core/build/reports/testOutput/kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize().test.stdoutGradle > Test Run :core:test > Gradle Test Executor 6 > > DynamicBrokerReconfigurationTest > testThreadPoolResize() FAILED > org.opentest4j.AssertionFailedError: Invalid threads: expected 6, got 8: > List(data-plane-kafka-socket-acceptor-ListenerName(PLAINTEXT)-PLAINTEXT-0, > data-plane-kafka-socket-acceptor-ListenerName(PLAINTEXT)-PLAINTEXT-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(INTERNAL)-SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0, > data-plane-kafka-socket-acceptor-ListenerName(EXTERNAL)-SASL_SSL-0) ==> > expected: but was: > at > app//org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:151) > at > app//org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:132) > at > app//org.junit.jupiter.api.AssertTrue.failNotTrue(AssertTrue.java:63) > at > app//org.junit.jupiter.api.AssertTrue.assertTrue(AssertTrue.java:36) > at > app//org.junit.jupiter.api.Assertions.assertTrue(Assertions.java:211) > at > app//kafka.server.DynamicBrokerReconfigurationTest.verifyThreads(DynamicBrokerReconfigurationTest.scala:1634) > at > app//kafka.server.DynamicBrokerReconfigurationTest.testThreadPoolResize(DynamicBrokerReconfigurationTest.scala:872) > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (KAFKA-15020) integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor test is flaky
Atul Sharma created KAFKA-15020: --- Summary: integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor test is flaky Key: KAFKA-15020 URL: https://issues.apache.org/jira/browse/KAFKA-15020 Project: Kafka Issue Type: Test Reporter: Atul Sharma Sometimes the test fails with the following log: {code:java} Gradle Test Run :core:integrationTest > Gradle Test Executor 175 > FetchFromFollowerIntegrationTest > testRackAwareRangeAssignor() FAILED org.opentest4j.AssertionFailedError: Consumed 0 records before timeout instead of the expected 2 records at org.junit.jupiter.api.AssertionUtils.fail(AssertionUtils.java:38) at org.junit.jupiter.api.Assertions.fail(Assertions.java:135) at kafka.utils.TestUtils$.pollUntilAtLeastNumRecords(TestUtils.scala:1087) at integration.kafka.server.FetchFromFollowerIntegrationTest.$anonfun$testRackAwareRangeAssignor$11(FetchFromFollowerIntegrationTest.scala:216) at integration.kafka.server.FetchFromFollowerIntegrationTest.$anonfun$testRackAwareRangeAssignor$11$adapted(FetchFromFollowerIntegrationTest.scala:215) at scala.collection.mutable.ResizableArray.foreach(ResizableArray.scala:62) at scala.collection.mutable.ResizableArray.foreach$(ResizableArray.scala:55) at scala.collection.mutable.ArrayBuffer.foreach(ArrayBuffer.scala:49) at integration.kafka.server.FetchFromFollowerIntegrationTest.verifyAssignments$1(FetchFromFollowerIntegrationTest.scala:215) at integration.kafka.server.FetchFromFollowerIntegrationTest.testRackAwareRangeAssignor(FetchFromFollowerIntegrationTest.scala:244) {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (KAFKA-15015) Binaries contain 2 versions of reload4j
[ https://issues.apache.org/jira/browse/KAFKA-15015?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma reassigned KAFKA-15015: --- Assignee: Atul Sharma > Binaries contain 2 versions of reload4j > --- > > Key: KAFKA-15015 > URL: https://issues.apache.org/jira/browse/KAFKA-15015 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.5.0, 3.4.1 >Reporter: Mickael Maison >Assignee: Atul Sharma >Priority: Major > > These releases ship 2 versions of reload4j: > - reload4j-1.2.19.jar > - reload4j-1.2.25.jar -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15015) Binaries contain 2 versions of reload4j
[ https://issues.apache.org/jira/browse/KAFKA-15015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17725390#comment-17725390 ] Atul Sharma commented on KAFKA-15015: - [~mimaison] [~showuon] raised PR [GitHub Pull Request #13745|https://github.com/apache/kafka/pull/13745] > Binaries contain 2 versions of reload4j > --- > > Key: KAFKA-15015 > URL: https://issues.apache.org/jira/browse/KAFKA-15015 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.5.0, 3.4.1 >Reporter: Mickael Maison >Priority: Major > > These releases ship 2 versions of reload4j: > - reload4j-1.2.19.jar > - reload4j-1.2.25.jar -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-15015) Binaries contain 2 versions of reload4j
[ https://issues.apache.org/jira/browse/KAFKA-15015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17725207#comment-17725207 ] Atul Sharma commented on KAFKA-15015: - Hi, [~mimaison] can i take this? > Binaries contain 2 versions of reload4j > --- > > Key: KAFKA-15015 > URL: https://issues.apache.org/jira/browse/KAFKA-15015 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.5.0, 3.4.1 >Reporter: Mickael Maison >Priority: Major > > These releases ship 2 versions of reload4j: > - reload4j-1.2.19.jar > - reload4j-1.2.25.jar -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (KAFKA-14994) jose4j is vulnerable to CVE- Improper Cryptographic Algorithm
[ https://issues.apache.org/jira/browse/KAFKA-14994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma resolved KAFKA-14994. - Resolution: Fixed > jose4j is vulnerable to CVE- Improper Cryptographic Algorithm > -- > > Key: KAFKA-14994 > URL: https://issues.apache.org/jira/browse/KAFKA-14994 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.4.0 >Reporter: Gaurav Jetly >Assignee: Atul Sharma >Priority: Major > Labels: Security > Fix For: 3.6.0 > > > Jose4j has the following vulnerability with high score of 7.1. > jose4j is vulnerable to Improper Cryptographic Algorithm. The vulnerability > exists due to the way `RSA1_5` and `RSA_OAEP` is implemented, allowing an > attacker to decrypt `RSA1_5` or `RSA_OAEP` encrypted ciphertexts, and in > addition, it may be feasible to sign with affected keys. > Please help upgrade the library to latest version > Current version in use: 0.7.9 > Latest version with the fix: 0.9.3 > CVE- > - Improper Cryptographic Algorithm > - Severity: HIGH > - CVSS: 7.1 > - Disclosure Date: 07 Feb 2023 19:00PM EST > - Vulnerability Info: > https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/40398 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-14994) jose4j is vulnerable to CVE- Improper Cryptographic Algorithm
[ https://issues.apache.org/jira/browse/KAFKA-14994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17722317#comment-17722317 ] Atul Sharma commented on KAFKA-14994: - PR: https://github.com/apache/kafka/pull/13717 > jose4j is vulnerable to CVE- Improper Cryptographic Algorithm > -- > > Key: KAFKA-14994 > URL: https://issues.apache.org/jira/browse/KAFKA-14994 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.4.0 >Reporter: Gaurav Jetly >Assignee: Atul Sharma >Priority: Major > Labels: Security > > Jose4j has the following vulnerability with high score of 7.1. > jose4j is vulnerable to Improper Cryptographic Algorithm. The vulnerability > exists due to the way `RSA1_5` and `RSA_OAEP` is implemented, allowing an > attacker to decrypt `RSA1_5` or `RSA_OAEP` encrypted ciphertexts, and in > addition, it may be feasible to sign with affected keys. > Please help upgrade the library to latest version > Current version in use: 0.7.9 > Latest version with the fix: 0.9.3 > CVE- > - Improper Cryptographic Algorithm > - Severity: HIGH > - CVSS: 7.1 > - Disclosure Date: 07 Feb 2023 19:00PM EST > - Vulnerability Info: > https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/40398 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (KAFKA-14994) jose4j is vulnerable to CVE- Improper Cryptographic Algorithm
[ https://issues.apache.org/jira/browse/KAFKA-14994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Atul Sharma reassigned KAFKA-14994: --- Assignee: Atul Sharma > jose4j is vulnerable to CVE- Improper Cryptographic Algorithm > -- > > Key: KAFKA-14994 > URL: https://issues.apache.org/jira/browse/KAFKA-14994 > Project: Kafka > Issue Type: Bug >Affects Versions: 3.4.0 >Reporter: Gaurav Jetly >Assignee: Atul Sharma >Priority: Major > Labels: Security > > Jose4j has the following vulnerability with high score of 7.1. > jose4j is vulnerable to Improper Cryptographic Algorithm. The vulnerability > exists due to the way `RSA1_5` and `RSA_OAEP` is implemented, allowing an > attacker to decrypt `RSA1_5` or `RSA_OAEP` encrypted ciphertexts, and in > addition, it may be feasible to sign with affected keys. > Please help upgrade the library to latest version > Current version in use: 0.7.9 > Latest version with the fix: 0.9.3 > CVE- > - Improper Cryptographic Algorithm > - Severity: HIGH > - CVSS: 7.1 > - Disclosure Date: 07 Feb 2023 19:00PM EST > - Vulnerability Info: > https://sca.analysiscenter.veracode.com/vulnerability-database/vulnerabilities/40398 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-14839) Exclude protected variable from JavaDocs
[ https://issues.apache.org/jira/browse/KAFKA-14839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17722116#comment-17722116 ] Atul Sharma commented on KAFKA-14839: - [~mjsax] edited PR to apply this configuration in whole project > Exclude protected variable from JavaDocs > > > Key: KAFKA-14839 > URL: https://issues.apache.org/jira/browse/KAFKA-14839 > Project: Kafka > Issue Type: Bug > Components: documentation, streams >Reporter: Matthias J. Sax >Assignee: Atul Sharma >Priority: Major > > Cf > [https://kafka.apache.org/31/javadoc/org/apache/kafka/streams/kstream/JoinWindows.html#enableSpuriousResultFix] > The variable `enableSpuriousResultFix` is protected, and it's not public API, > and thus should not show up in the JavaDocs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-14839) Exclude protected variable from JavaDocs
[ https://issues.apache.org/jira/browse/KAFKA-14839?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17715657#comment-17715657 ] Atul Sharma commented on KAFKA-14839: - Hi, [~mjsax] can i work in this? > Exclude protected variable from JavaDocs > > > Key: KAFKA-14839 > URL: https://issues.apache.org/jira/browse/KAFKA-14839 > Project: Kafka > Issue Type: Bug > Components: documentation, streams >Reporter: Matthias J. Sax >Priority: Major > > Cf > [https://kafka.apache.org/31/javadoc/org/apache/kafka/streams/kstream/JoinWindows.html#enableSpuriousResultFix] > The variable `enableSpuriousResultFix` is protected, and it's not public API, > and thus should not show up in the JavaDocs. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (KAFKA-14925) The website shouldn't load external resources
[ https://issues.apache.org/jira/browse/KAFKA-14925?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17714920#comment-17714920 ] Atul Sharma commented on KAFKA-14925: - Want to work on this, can someone assign to me? > The website shouldn't load external resources > - > > Key: KAFKA-14925 > URL: https://issues.apache.org/jira/browse/KAFKA-14925 > Project: Kafka > Issue Type: Improvement > Components: website >Reporter: Mickael Maison >Priority: Major > > In includes/_header.htm, we load a resource from fontawesome.com -- This message was sent by Atlassian Jira (v8.20.10#820010)