[ANNOUNCE] Apache HBase Operator Tools 1.2.0 is now available for download
The HBase team is happy to announce the immediate availability of Apache HBase Operator Tools 1.2.0. Apache HBase™ Operator Tools provides HBCK2 which is the repair tool for Apache HBase 2 clusters. To learn more about HBase and HBase Operator Tools, see https://hbase.apache.org/. The full list of issues can be found in the included CHANGES.md and RELEASENOTES.md, or via our issue tracker: https://s.apache.org/hbase-operator-tools-1.2.0-jira To download please follow the links and instructions on our website: https://hbase.apache.org/downloads.html Question, comments, and problems are always welcome at: d...@hbase.apache.org Thanks to all who contributed and made this release possible. Cheers, The HBase Dev Team -- Best Regards, Guangxu
Re: [NOTICE] Apache log4j2 security vulnerability
If there is no objection, I’ll volunteer to RM hbase-operation-tools 1.2.0 -- Best Regards, Guangxu 张铎(Duo Zhang) 于2021年12月12日周日 22:37写道: > Besides 3.0.0-alpha-2, we also need to make a new release for > hbase-operation-tools, any volunteers? > > Thanks. > > 张铎(Duo Zhang) 于2021年12月10日周五 18:02写道: > > > Seems the 2.15.0 is already out. The log4j community decided to close the > > vote earlier to solve the critical security issue. > > > > A developer in our community has already filed an issue and opened a PR. > > > > https://issues.apache.org/jira/browse/HBASE-26557 > > https://github.com/apache/hbase/pull/3933 > > > > Let's get the PR merged and publish 3.0.-alpha-2 ASAP. > > > > Tak Lon (Stephen) Wu 于2021年12月10日周五 13:44写道: > > > >> Thanks for sharing! I found another post [2] that said how to perform > such > >> an attack. > >> > >> Should we have a JIRA and keep tracking the solution for it? > >> > >> [2] https://www.lunasec.io/docs/blog/log4j-zero-day/ > >> > >> -Stephen > >> > >> On Thu, Dec 9, 2021 at 8:09 PM 张铎(Duo Zhang) > >> wrote: > >> > >> > See this PR > >> > > >> > https://github.com/apache/logging-log4j2/pull/608 > >> > > >> > Although the final 2.15.0 release for log4j2 has not been published > >> yet, at > >> > least on the Chinese internet the details and how to make use of > >> > this vulnerability has already been public[1]. > >> > > >> > HBase 3.0.0-alpha-1 is affected, so once 2.15.0 is out, we will push a > >> > 3.0.0-alpha-2 release out soon. And for those who already use HBase > >> > 3.0.0-alpha-1, please consider using the following ways to disable > JNDI > >> > > >> > Add '-Dlog4j2.formatMsgNoLookups=true' when starting JVM > >> > Add 'log4j2.formatMsgNoLookups=True' to config file > >> > 'export FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS=true' before starting > >> JVM > >> > > >> > Thanks. > >> > > >> > 1. https://nosec.org/home/detail/4917.html > >> > > >> > > >
Re: [NOTICE] Apache log4j2 security vulnerability
If there is no objection, I’ll volunteer to RM hbase-operation-tools 1.2.0 -- Best Regards, Guangxu 张铎(Duo Zhang) 于2021年12月12日周日 22:37写道: > Besides 3.0.0-alpha-2, we also need to make a new release for > hbase-operation-tools, any volunteers? > > Thanks. > > 张铎(Duo Zhang) 于2021年12月10日周五 18:02写道: > > > Seems the 2.15.0 is already out. The log4j community decided to close the > > vote earlier to solve the critical security issue. > > > > A developer in our community has already filed an issue and opened a PR. > > > > https://issues.apache.org/jira/browse/HBASE-26557 > > https://github.com/apache/hbase/pull/3933 > > > > Let's get the PR merged and publish 3.0.-alpha-2 ASAP. > > > > Tak Lon (Stephen) Wu 于2021年12月10日周五 13:44写道: > > > >> Thanks for sharing! I found another post [2] that said how to perform > such > >> an attack. > >> > >> Should we have a JIRA and keep tracking the solution for it? > >> > >> [2] https://www.lunasec.io/docs/blog/log4j-zero-day/ > >> > >> -Stephen > >> > >> On Thu, Dec 9, 2021 at 8:09 PM 张铎(Duo Zhang) > >> wrote: > >> > >> > See this PR > >> > > >> > https://github.com/apache/logging-log4j2/pull/608 > >> > > >> > Although the final 2.15.0 release for log4j2 has not been published > >> yet, at > >> > least on the Chinese internet the details and how to make use of > >> > this vulnerability has already been public[1]. > >> > > >> > HBase 3.0.0-alpha-1 is affected, so once 2.15.0 is out, we will push a > >> > 3.0.0-alpha-2 release out soon. And for those who already use HBase > >> > 3.0.0-alpha-1, please consider using the following ways to disable > JNDI > >> > > >> > Add '-Dlog4j2.formatMsgNoLookups=true' when starting JVM > >> > Add 'log4j2.formatMsgNoLookups=True' to config file > >> > 'export FORMAT_MESSAGES_PATTERN_DISABLE_LOOKUPS=true' before starting > >> JVM > >> > > >> > Thanks. > >> > > >> > 1. https://nosec.org/home/detail/4917.html > >> > > >> > > >
Re: [ANNOUNCE] Please welcome Zheng Hu to the HBase PMC
Congratulations, Zheng! Allan Yang 于2019年8月5日周一 下午5:13写道: > Congratulations, Hu! > Best Regards > Allan Yang > > > Peter Somogyi 于2019年8月5日周一 下午4:47写道: > > > Congratulations! > > > > On Mon, Aug 5, 2019 at 8:57 AM Pankaj kr wrote: > > > > > Congratulations Zheng..!! > > > > > > Regards, > > > Pankaj > > > > > > -Original Message- > > > From: Duo Zhang [mailto:zhang...@apache.org] > > > Sent: 05 August 2019 07:38 > > > To: HBase Dev List ; hbase-user < > > > user@hbase.apache.org> > > > Subject: [ANNOUNCE] Please welcome Zheng Hu to the HBase PMC > > > > > > On behalf of the Apache HBase PMC I am pleased to announce that Zheng > Hu > > > has accepted our invitation to become a PMC member on the Apache HBase > > > project. We appreciate Zheng Hu stepping up to take more responsibility > > in > > > the HBase project. > > > > > > Please join me in welcoming Zheng Hu to the HBase PMC! > > > > > >
Re: [ANNOUNCE] Please welcome Peter Somogyi to the HBase PMC
Congratulations Peter! - Best Regards Guangxu Cheng Allan Yang 于2019年1月22日周二 上午10:15写道: > Congratulations Peter! > Best Regards > Allan Yang > > > Pankaj kr 于2019年1月22日周二 上午9:49写道: > > > > > Congratulations Peter...!!! > > > > Regards, > > Pankaj > > > > -- > > Pankaj Kumar > > M: +91-9535197664(India Contact Number) > > E: pankaj...@huawei.com<mailto:pankaj...@huawei.com> > > 2012实验室-班加罗尔研究所IT BU分部 > > 2012 Laboratories-IT BU Branch Dept.HTIPL > > From:Duo Zhang > > To:HBase Dev List ;hbase-user < > user@hbase.apache.org > > > > > Date:2019-01-22 07:06:43 > > Subject:[ANNOUNCE] Please welcome Peter Somogyi to the HBase PMC > > > > On behalf of the Apache HBase PMC I am pleased to announce that Peter > > Somogyi > > has accepted our invitation to become a PMC member on the Apache HBase > > project. > > We appreciate Peter stepping up to take more responsibility in the HBase > > project. > > > > Please join me in welcoming Peter to the HBase PMC! > > >
Re: [ANNOUNCE] New Committer: Balazs Meszaros
Congratulations and welcome Balazs. Srinivas Reddy 于2018年10月12日周五 下午12:14写道: > Congratulations Balazs. > > - > Srinivas > > - Typed on tiny keys. pls ignore typos.{mobile app} > > On Fri 12 Oct, 2018, 03:49 Sean Busbey, wrote: > > > On behalf of the HBase PMC, I'm pleased to announce that Balazs > > Meszaros has accepted our invitation to become an HBase committer. > > > > Thanks for all your hard work Balazs; we look forward to more > > contributions! > > > > Please join me in extending congratulations to Balazs! > > >