Hi all,
Seems there's no objections. Then I'm managing this release.
Since the build is stable, and CVE-2020-17518 is already ported to the 1.10
branch, it looks like we can prepare the release candidate anytime.
I'd like to leave a bit more time for people to report issues that they
want to inc
You right, Yu. Thanks for pointing that out.
And thanks for volunteering, Xintong.
On Thu, Jan 14, 2021 at 3:31 AM Xintong Song wrote:
> Maybe I can help drive this release, if there's no one else volunteering.
> I've been managing the 1.11.3 and 1.12.1 releases. The bugfix release
> process is
Maybe I can help drive this release, if there's no one else volunteering.
I've been managing the 1.11.3 and 1.12.1 releases. The bugfix release
process is still warm in my mind. :)
Thank you~
Xintong Song
On Wed, Jan 13, 2021 at 8:09 PM Yu Li wrote:
> +1 for having a bugfix release for the 1
+1 for having a bugfix release for the 1.10 branch to fix the security
issue.
Thanks for driving the discussion Matthias!
Minor: CVE-2020-17519 is introduced by 1.11.0 [1] so we don't need to fix
it in 1.10.3, but CVE-2020-17518 [2] is needed.
Best Regards,
Yu
[1] https://s.apache.org/CVE-2020-
Thanks for starting this discussion Matthias. I agree with all of you that
a final 1.10.3 release could be really helpful for our users. Given that CI
passes, it shouldn't be too much overhead either.
Cheers,
Till
On Wed, Jan 13, 2021 at 9:45 AM Xingbo Huang wrote:
> Thanks for starting this di
Thanks for starting this discussion, Matthias.
+1 for releasing 1.10.3 as it contains a number of important fixes.
Best,
Xingbo
Xintong Song 于2021年1月13日周三 下午3:46写道:
> Thanks for bringing this up, Matthias.
>
> Per the "Update Policy for old releases" [1], normally we do not release
> 1.10.x af
Thanks for bringing this up, Matthias.
Per the "Update Policy for old releases" [1], normally we do not release
1.10.x after 1.12.0 is released. However, the policy also says that we are
"open to discussing bugfix releases for even older versions".
In this case, I'm +1 for releasing 1.10.3, for t
Hi,
I'd like to initiate a discussion on releasing Flink 1.10.3. There were a
few requests in favor of this already in [1] and [2].
I checked the release-1.10 branch: 55 commits are not released, yet.
Some non-released fixes that might be relevant are:
- FLINK-20218 [3] - fix "module 'urllib' has
