Hi all,
I've prepared a new package for a v2.0.1 release. Please take a look at
the artifacts, check the STATUS/README/CHANGES files, and do builds and
tests. After finishing your examination of the release candidate, please
cast your +/-/0 votes, I will call the vote on 8/30. The src tar-ball
and signatures are available in
http://people.apache.org/~zwoop/rel-candidates/
The relevant files are:
-rw-r--r-- 1 zwoop zwoop 2835089 Aug 27 00:31
trafficserver-2.1.2-unstable.tar.bz2
-rw-r--r-- 1 zwoop zwoop 836 Aug 27 00:31
trafficserver-2.1.2-unstable.tar.bz2.asc
-rw-r--r-- 1 zwoop zwoop 71 Aug 27 00:31
trafficserver-2.1.2-unstable.tar.bz2.md5
-rw-r--r-- 1 zwoop zwoop 79 Aug 27 00:31
trafficserver-2.1.2-unstable.tar.bz2.sha1
Checksums are:
SHA1: 2aec3e4b4af98f200b22d9696618bc11c1af0b51
*trafficserver-2.1.2-unstable.tar.bz2
MD5: 67345d62bcb01a58f9a4b281bbaed1d2 *trafficserver-2.1.2-unstable.tar.bz2
This is primarily a release to address CVE-2010-2952, but it also
includes a fairly large number of bug fixes and improvements since the
2.1.1 release. A patch for v2.1.1 is also available on the dist mirrors,
which only addresses the CVE-2010-2952 incident.
Special thanks to Tim Brown for reporting the DNS vulnerabilities, and
for giving us ample time to address the deficiencies.
-- Leif
