hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-7126) Update website with info on how to report security bugs
Date Mon, 02 Mar 2015 02:27:05 GMT

    [ https://issues.apache.org/jira/browse/HBASE-7126?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14342637#comment-14342637
] 

Hadoop QA commented on HBASE-7126:
----------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12701748/HBASE-7126.patch
  against master branch at commit dad2474f08d201d09989e36f5cf1c25d3fa4acee.
  ATTACHMENT ID: 12701748

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:green}+0 tests included{color}.  The patch appears to be a documentation patch
that doesn't require tests.
    {color:green}+1 hadoop versions{color}. The patch compiles with all supported hadoop versions
(2.4.1 2.5.2 2.6.0)

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:green}+1 javadoc{color}.  The javadoc tool did not generate any warning messages.

    {color:green}+1 checkstyle{color}.  The applied patch does not increase the total number
of checkstyle errors

    {color:green}+1 findbugs{color}.  The patch does not introduce any new Findbugs (version
2.0.3) warnings.

    {color:green}+1 release audit{color}.  The applied patch does not increase the total number
of release audit warnings.

    {color:red}-1 lineLengths{color}.  The patch introduces the following lines longer than
100:
    +Please use link:https://issues.apache.org/jira/browse/hbase[JIRA] to report non-security-related
bugs. 
+To protect existing HBase installations from new vulnerabilities, please *do not* use JIRA
to report security-related bugs. Instead, send your report to the mailing list private@apache.org,
which allows anyone to send messages, but restricts who can read them. Someone on that list
will contact you to follow up on your report.
+NOTE: To protect existing HBase installations from new vulnerabilities, please *do not* use
JIRA to report security-related bugs. Instead, send your report to the mailing list private@apache.org,
which allows anyone to send messages, but restricts who can read them. Someone on that list
will contact you to follow up on your report.

  {color:green}+1 site{color}.  The mvn site goal succeeds with this patch.

     {color:red}-1 core tests{color}.  The patch failed these unit tests:
     

Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop-compat.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-prefix-tree.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-examples.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-server.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-rest.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-protocol.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-client.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-thrift.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop2-compat.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/newPatchFindbugsWarningshbase-annotations.html
Checkstyle Errors: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//artifact/patchprocess/checkstyle-aggregate.html

  Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/13023//console

This message is automatically generated.

> Update website with info on how to report security bugs 
> --------------------------------------------------------
>
>                 Key: HBASE-7126
>                 URL: https://issues.apache.org/jira/browse/HBASE-7126
>             Project: HBase
>          Issue Type: Task
>          Components: documentation
>            Reporter: Eli Collins
>            Assignee: Misty Stanley-Jones
>            Priority: Critical
>              Labels: website
>         Attachments: HBASE-7126.patch
>
>
> The HBase website should be updated with information on how to report potential security
vulnerabilities. In Hadoop land we have a private security list that anyone case post to that
we point to on our list page: Hadoop example http://hadoop.apache.org/general_lists.html#Security.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message