Re: [VOTE] PIP-280 : Refactor CLI Argument Parsing Logic for Measurement Units using JCommander's custom converter

+1 (non-binding) Thanks, Ran Gao On 2023/07/07 09:25:22 Joo Hyuk Kim wrote: > Hi community, > > This PIP has received a couple of approvals in github PR link [1] > So I thought it's time to vote. > > ## Motivation > > In the current Pulsar codebase, the logic to parse CLI arguments for > measu

CVE-2023-37579: Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials

Affected versions: - Apache Pulsar Function Worker before 2.10.4 - Apache Pulsar Function Worker 2.11.0 Description: Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. Any authenticate

CVE-2023-31007: Apache Pulsar: Broker does not always disconnect client when authentication data expires

Affected versions: - Apache Pulsar before 2.9.5 - Apache Pulsar 2.10.0 through 2.10.3 - Apache Pulsar 2.11.0 Description: Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if

CVE-2023-30429: Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy

Affected versions: - Apache Pulsar before 2.10.4 - Apache Pulsar 2.11.0 Description: Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. When a client connects to the Pulsar Function Worker via the Pul

CVE-2023-30428: Apache Pulsar Broker: Incorrect Authorization Validation for Rest Producer

Affected versions: - Apache Pulsar Broker 2.9.0 through 2.9.5 - Apache Pulsar Broker 2.10.0 before 2.10.4 - Apache Pulsar Broker 2.11.0 Description: Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom H

Re: [VOTE] PIP-280 : Refactor CLI Argument Parsing Logic for Measurement Units using JCommander's custom converter

Hi community, Thank you all for your participation. We may close the vote with the following result. 1 of (+1 non-binding) - Zili Chen 3 of (+1 binding) - Yunze Xu - Mattison (Qiang Zhao) - Nicolò Boschi Best regards JooHyukKim (Vince) On Tue, Jul 11, 2023 at 7:04 PM Joo Hyuk Kim wr

Re: [VOTE] PIP-280 : Refactor CLI Argument Parsing Logic for Measurement Units using JCommander's custom converter

> As long as we don't introduce any breaking change and the new parameters > are covered by unit test Made a commit(Link [1]) to improve considerations Link [1] https://github.com/apache/pulsar/pull/20691/commits/96515b85e97a56133a512165c981361fab939ec1 Thanks, JooHyukKim (Vince) On Tue, Jul 11

Re: [VOTE] PIP-280 : Refactor CLI Argument Parsing Logic for Measurement Units using JCommander's custom converter

> As long as we don't introduce any breaking change and the new parameters are covered by unit test Hello, thank you for your feedback. I agree and will add following to PIP file. "The refactored parameters should maintain coverage. " On Tue, Jul 11, 2023 at 6:34 PM Nicolò Boschi wrote: > +1 bi

Re: [VOTE] PIP-280 : Refactor CLI Argument Parsing Logic for Measurement Units using JCommander's custom converter

+1 binding As long as we don't introduce any breaking change and the new parameters are covered by unit test Thanks, Nicolò Boschi Il giorno mar 11 lug 2023 alle ore 05:00 Qiang Zhao ha scritto: > +1(binding) > > Best, > Mattison > > On 2023/07/07 09:25:22 Joo Hyuk Kim wrote: > > Hi community,