Hi Matthew, If you have any opinion about this as a Go developer, please let us know. If you don't have any opinion, we will release this as-is.
Thanks, -- kou In <CANva0dh46M42WiJyGZDy49LSQ85GDk5Ro_sqX1ry-vi==GVs=w...@mail.gmail.com> "Re: [VOTE] Release Apache Arrow 7.0.1 - RC0" on Mon, 18 Jul 2022 11:56:48 +0200, Jacob Wujciak <ja...@voltrondata.com.INVALID> wrote: > I would lean towards backporting the fix too but I am not familiar with the > go ecosystem and this PR contains a bunch of version bumps, unsure if those > are required for the fix or were just added to the PR and if those are a > problem for go users of the existing 7.0.0 version? > > On Fri, Jul 15, 2022 at 11:58 PM Sutou Kouhei <k...@clear-code.com> wrote: > >> Hi, >> >> It seems that this is related to >> https://github.com/apache/arrow/pull/12303 . >> Should we backport this too? >> >> Thanks, >> -- >> kou >> >> In <cahm19a4wwtwtdmbjxqk+_vuvjvmzyun1bpjgi2jnro-shk6...@mail.gmail.com> >> "Re: [VOTE] Release Apache Arrow 7.0.1 - RC0" on Fri, 15 Jul 2022 >> 15:55:35 +0200, >> Krisztián Szűcs <szucs.kriszt...@gmail.com> wrote: >> >> > +0 >> > >> > I'm getting the same error with go version 1.18.1 darwin/arm64 but it >> > works with go version 1.16.12. >> > >> > On Fri, Jul 15, 2022 at 12:09 PM Jacob Wujciak >> > <ja...@voltrondata.com.invalid> wrote: >> >> >> >> +0 I got the following repeatable error in arrow/array on manjaro >> 21.3.2. >> >> Full log at [1] >> >> >> >> └ Found go version go1.18.3 linux/amd64 at /usr/bin/go >> >> /tmp/arrow-7.0.1.DuPzW/apache-arrow-7.0.1/go/arrow >> >> /tmp/arrow-7.0.1.DuPzW/apache-arrow-7.0.1 ~/verify-rc/arrow >> >> ok github.com/apache/arrow/go/v7/arrow 0.017s >> >> unexpected fault address 0xb60cc0 >> >> fatal error: fault >> >> [signal SIGSEGV: segmentation violation code=0x2 addr=0xb60cc0 >> pc=0x4118e3] >> >> [...] >> >> FAIL github.com/apache/arrow/go/v7/arrow/array 0.538s >> >> >> >> [1]: https://pastebin.com/yPjSCbg3 >> >> >> >> On Fri, Jul 15, 2022 at 10:37 AM Raul Cumplido Dominguez >> >> <r...@voltrondata.com.invalid> wrote: >> >> >> >> > +1, verified on ubuntu 22.04 >> >> > >> >> > On Fri, Jul 15, 2022 at 2:59 AM Yibo Cai <yibo....@arm.com> wrote: >> >> > >> >> > > +1, verified on arm64 >> >> > > >> >> > > -----Original Message----- >> >> > > From: Sutou Kouhei <k...@clear-code.com> >> >> > > Sent: Friday, July 15, 2022 5:11 AM >> >> > > To: dev@arrow.apache.org >> >> > > Subject: [VOTE] Release Apache Arrow 7.0.1 - RC0 >> >> > > >> >> > > Hi, >> >> > > >> >> > > I would like to propose the following release candidate >> >> > > (RC0) of Apache Arrow version 7.0.1. This is a release consisting >> of 1 >> >> > > resolved JIRA issues[1]. >> >> > > >> >> > > This is one of releases[2] that focus on a Go related security >> >> > > vulnerability[3]. We don't publish binary artifacts of this release >> >> > because >> >> > > we don't have Go related binaries. >> >> > > >> >> > > This release candidate is based on commit: >> >> > > 072ae55dc8172bb1a898fda5d5a83ec063b05a6d [4] >> >> > > >> >> > > The source release rc0 is hosted at [5]. >> >> > > The changelog is located at [6]. >> >> > > >> >> > > Please download, verify checksums and signatures, run the unit >> tests, and >> >> > > vote on the release. See [7] for how to validate a release >> candidate. But >> >> > > you need to verify only Go related tests because this release >> candidate >> >> > > only includes a change for Go. So we can use the following command >> line: >> >> > > >> >> > > TEST_DEFAULT=0 TEST_GO=1 dev/release/verify-release-candidate.sh >> >> > 7.0.1 >> >> > > 0 >> >> > > >> >> > > The vote will be open for at least 72 hours. >> >> > > >> >> > > [ ] +1 Release this as Apache Arrow 7.0.1 [ ] +0 [ ] -1 Do not >> release >> >> > > this as Apache Arrow 7.0.1 because... >> >> > > >> >> > > [1]: >> >> > > >> >> > >> https://issues.apache.org/jira/issues/?jql=project%20%3D%20ARROW%20AND%20status%20in%20%28Resolved%2C%20Closed%29%20AND%20fixVersion%20%3D%207.0.1 >> >> > > [2] >> https://lists.apache.org/thread/qkkzpvmxc0coqhdkc1qoygwy6h4v5sgn >> >> > > [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28948 >> >> > > [4]: >> >> > > >> >> > >> https://github.com/apache/arrow/tree/072ae55dc8172bb1a898fda5d5a83ec063b05a6d >> >> > > [5]: >> https://dist.apache.org/repos/dist/dev/arrow/apache-arrow-7.0.1-rc0 >> >> > > [6]: >> >> > > >> >> > >> https://github.com/apache/arrow/blob/072ae55dc8172bb1a898fda5d5a83ec063b05a6d/CHANGELOG.md >> >> > > [7]: >> >> > > >> >> > >> https://cwiki.apache.org/confluence/display/ARROW/How+to+Verify+Release+Candidates >> >> > > IMPORTANT NOTICE: The contents of this email and any attachments are >> >> > > confidential and may also be privileged. If you are not the intended >> >> > > recipient, please notify the sender immediately and do not disclose >> the >> >> > > contents to any other person, use it for any purpose, or store or >> copy >> >> > the >> >> > > information in any medium. Thank you. >> >> > > >> >> > >>
