Hi,
I am wondering if anyone has some experience or thoughts about tuning
numWorkerThreads in CommitProcessor.
I ran load tests against ZK 3.7 with different settings of numWorkerThreads
and found that it didn't make any considerable difference in terms of both
throughput and latency.
The test
Mohammad Arshad created ZOOKEEPER-4278:
--
Summary: dependency-check:check failing -
netty-transport-4.1.60.Final CVE-2021-21409
Key: ZOOKEEPER-4278
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4278
Thanks Mate and Norbert for your feedback on RC1.
When I created RC1, OWSP CI was successful (
https://ci-hadoop.apache.org/view/ZooKeeper/job/zookeeper-multi-branch-owasp/job/branch-3.6.3/5/).
But yes, now that ci is falling.
I am cancelling this RC0 due to jetty cve CVE-2021-28165.
Will
dependency check is green now with
https://github.com/apache/zookeeper/pull/1675
We do backport security fixes to 3.5 branch, correct? I will create a
separate PR for that due to ant support.
- Norbert
On Wed, Apr 7, 2021 at 2:19 PM Norbert Kalmar wrote:
> Please don't forget to update the
Norbert Kalmár created ZOOKEEPER-4277:
-
Summary: dependency-check:check failing - jetty-server-9.4.39
CVE-2021-28165
Key: ZOOKEEPER-4277
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4277
Please don't forget to update the license files also in zookeeper-server
resources folder!
But better yet I can create the jira and have a PR up soon.
- Norbert
On Wed, Apr 7, 2021 at 1:50 PM Andor Molnar wrote:
> Good catch Mate!
>
> Jetty has to be upgraded.
>
> Andor
>
>
>
>
> > On 2021.
Good catch Mate!
Jetty has to be upgraded.
Andor
> On 2021. Apr 7., at 13:43, Szalay-Bekő Máté
> wrote:
>
> -1 (non-binding)
>
> Hello Mohammad!
>
> Thanks for the great work! Sorry for torpedoing it :(
>
> I voted with -1, as the CVE check failed for me on the release candidate:
>
>
-1 (non-binding)
Hello Mohammad!
Thanks for the great work! Sorry for torpedoing it :(
I voted with -1, as the CVE check failed for me on the release candidate:
mvn clean package -DskipTests dependency-check:check
(...)
[ERROR] Failed to execute goal