+1 for try to eliminate the security vulnerabilities. Great thanks for doing this important work, Chesnay! What do you think Hequn ?
Best, Jincheng Chesnay Schepler <ches...@apache.org> 于2019年11月13日周三 下午5:17写道: > It would be great if you could give me a day or 2 to check how easy it > would be to bump the various jackson dependencies to eliminate a few > security vulnerabilities. > > On 09/11/2019 05:10, jincheng sun wrote: > > Hi Flink devs, > > > > It has been more than 2 months since the 1.8.2 released. So, What do you > > think about releasing Flink 1.8.3 soon? > > > > We already have many important bug fixes in the release-1.8 branch (29 > > resolved issues). > > > > Most notable fixes are: > > > > - FLINK-14010 Dispatcher & JobManagers don't give up leadership when AM > is > > shut down > > - FLINK-14315 NPE with JobMaster.disconnectTaskManager > > - FLINK-12848 Method equals() in RowTypeInfo should consider fieldsNames > > - FLINK-12342 Yarn Resource Manager Acquires Too Many Containers > > - FLINK-14589 Redundant slot requests with the same AllocationID leads to > > inconsistent slot table > > > > Furthermore, the following critical issues is in progress, maybe we can > > wait for it if it is not too much effort. > > > > - FLINK-13184 Starting a TaskExecutor blocks the YarnResourceManager's > main > > thread > > > > Please let me know what you think? > > > > Best, > > Jincheng > > > >
