Please download, test and vote on this release asap. BR, Lari
On Fri, May 28, 2021 at 1:09 PM Lari Hotari <lhot...@apache.org> wrote: > This is the first release candidate for Apache Pulsar, version 2.6.4. > > It contains the following changes: > https://github.com/apache/pulsar/compare/v2.6.3...v2.6.4-candidate-1 > > The fix for CVE-2021-22160 [1] made as part of PR #9172 [2] has been > cherry-picked to branch-2.6 in commit 67e7e0cd [3]. > It is included in this release. > > *** Please download, test and vote on this release. This vote will stay > open for at least 72 hours *** > > Note that we are voting upon the source (tag), binaries are provided for > convenience. > > Source and binary files: > https://dist.apache.org/repos/dist/dev/pulsar/pulsar-2.6.4-candidate-1/ > > SHA-512 checksums: > 1a2eaf978d07412668a51fb60d0635a4d5b40d5e9af1a1421100f784902e6a7f02c34dd4d579d58d97fb1b269cc323007943dbf4c3ad4c123a0a262522f6697e > apache-pulsar-2.6.4-bin.tar.gz > c4f415688655ea531724c2d1e82d13a5a9d3d772830860c37213b5ce5bdb1ec3b79ead65e5b1b84015bfe6cf1fdef80b8555bf96b3b9e28815659a073b255342 > apache-pulsar-2.6.4-src.tar.gz > > Maven staging repo: > https://repository.apache.org/content/repositories/orgapachepulsar-1082/ > > The tag to be voted upon: > v2.6.4-candidate-1 (a3f0b88658116ab2223d2e0243b0ee2d33ae8c63) > https://github.com/apache/pulsar/releases/tag/v2.6.4-candidate-1 > > Pulsar's KEYS file containing PGP keys we use to sign the release: > https://dist.apache.org/repos/dist/dev/pulsar/KEYS > > Please download the source package, and follow the README to build and run > the Pulsar standalone service. > > [1] > https://lists.apache.org/thread.html/r347650d15a3e9c5f58b83e918b6ad6dedc2a63d3eb63da8e6a7be87e%40%3Cdev.pulsar.apache.org%3E > [2] https://github.com/apache/pulsar/pull/9172 > [3] https://github.com/apache/pulsar/commit/67e7e0cd >
