incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gour Saha <>
Subject [CANCEL] [VOTE] Release Apache Slider 0.70.0-incubating
Date Fri, 13 Mar 2015 02:17:30 GMT
That totally makes sense.

I am going to cancel this release and prepare a new RC with the fixes. I
will call it 0.70.1-incubating and start the vote all over again.

Thank you.


On 3/12/15, 7:02 PM, "Marvin Humphrey" <> wrote:

>On Thu, Mar 12, 2015 at 6:36 PM, Gour Saha <> wrote:
>> Is it okay if we move them to a more appropriate location like
>> src/test/resources directory? Or should we just delete them?
>Here's the rationale, redux:
>The Apache Software Foundation releases open source software.  Binary
>cannot be audited by a PMC.  Even if they are derived from open source,
>are not open source themselves.  They are a potential security hole -- an
>attacker who gains control of the machine on which those binaries are
>introduced may be able to insert a trojan which then goes along for the
>with the distribution.  Security-conscious consumers who compile from
>distributions rather than use convenience binaries will find it tricky and
>laborious to detect and replace embedded mystery binaries.
>Does that make sense?  Based on that rationale, I hope that you can find a
>workaround which allows the official source release to be entirely free of
>Marvin Humphrey
>To unsubscribe, e-mail:
>For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message