Just FYI there are 84 jiras fixed for "3.3.9" https://issues.apache.org/jira/issues/?filter=-1&jql=project%20in%20(HADOOP%2C%20HDFS%2C%20MAPREDUCE%2C%20YARN)%20and%20fixVersion%20%3D%203.3.9 and another 14 fixed for 3.3.7 https://issues.apache.org/jira/issues/?filter=-1&jql=project%20in%20(HADOOP%2C%20HDFS%2C%20MAPREDUCE%2C%20YARN)%20and%20fixVersion%20%3D%203.3.7
(3.3.7 and 3.3.9 should be merged together) so that's nearly 100 issues fixed. A release in the 3.3 line can help downstream applications update transitive dependencies. On Tue, Oct 1, 2024 at 1:49 PM Wei-Chiu Chuang <weic...@apache.org> wrote: > Hi I'm just wondering if there has been a discussion for the 3.3.7 release? > > 3.3.6 was released last June. And CVE-2024-23454 isn't backported to the > 3.3 release line. > > Best Regards, > Weichiu >
