Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[11.0] Updated the 11_0 release documents with latest known issues #9421

Merged
merged 3 commits into from
Jan 10, 2022
Merged

[11.0] Updated the 11_0 release documents with latest known issues #9421

merged 3 commits into from
Jan 10, 2022

Conversation

frouioui
Copy link
Member

Description

This pull request updates the release notes of the 11.0.* releases by adding the Log4j vulnerability to the list of known issues, along with #9174.

@frouioui frouioui changed the base branch from main to release-11.0 December 17, 2021 17:25
@frouioui frouioui changed the base branch from release-11.0 to release-10.0 December 20, 2021 10:31
@frouioui frouioui changed the base branch from release-10.0 to release-11.0 December 20, 2021 10:31
@frouioui
empty commit
b590b83 
Signed-off-by: Florent Poinsard <[email protected]>
deepthi
deepthi reviewed Jan 4, 2022
View reviewed changes
Copy link
Member

@deepthi deepthi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should hold this until we have released new patch versions that include log4j 2.17.1.

doc/releasenotes/11_0_0_release_notes.md Outdated
[CVE-2021-45046](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046) followed.
This has been fixed in release `2.16.0`. This release, `v11.0.0`, uses a version of Log4j below `2.16.0`, for this reason, we encourage you to use `v11.0.3` instead, which contains the patch for the vulnerability.

- An issue related to `-keep_data` being ignored in v2 vreplication workflows (#9174) is known to be present in this release. A workaround is available in the description of issue #9174.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should make this stronger. It's not that -keep_data is being ignored, the value from the other flag (-force) is being used instead.

@frouioui
updated 11.0 release notes with latest log4j information and more exp…
5f41ad4 
…licit message around known v2 vrep issue

Signed-off-by: Florent Poinsard <[email protected]>
@frouioui frouioui requested a review from deepthi January 5, 2022 14:53
@askdba askdba merged commit 47cbc22 into vitessio:release-11.0 Jan 10, 2022
@askdba askdba deleted the fp-update-11.0-docs branch January 10, 2022 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@askdba askdba askdba approved these changes

@deepthi deepthi deepthi approved these changes

Assignees
No one assigned
Labels
Component: Build/CI Type: CI/Build
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@frouioui @deepthi @askdba