trafficserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Phil Sorber <sor...@apache.org>
Subject Re: [VOTE] Release Apache Traffic Server 5.3.1 (RC0)
Date Fri, 03 Jul 2015 16:03:04 GMT
+1 Tested on CentOS 6.5

On Thu, Jul 2, 2015 at 4:09 PM Bryan Call <bcall@apache.org> wrote:

> +1
>
> Tested on Fedora 22.  Signatures and regression passed.
>
> -Bryan
>
>
> > On Jun 29, 2015, at 9:56 PM, Phil Sorber <sorber@apache.org> wrote:
> >
> > Hello All,
> >
> > I've prepared a release for v5.3.1 (RC0) which is the latest stable
> release
> > in the 5.3.x series. This is the second release in our Long Term Support
> > (LTS) version as detailed in our Release Management document:
> >
> > https://cwiki.apache.org/confluence/display/TS/Release+Management
> >
> > Changes since 5.3.0:
> >
> >
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12327092&projectId=12310963
> >
> > Of special note are two fixes for CVE-2015-3249 that effect the HTTP/2
> > experimental feature in Apache Traffic Server 5.3.0. They are both DOS
> > attacks and can be avoided by simply disabling HTTP/2 or upgrading.
> >
> > A summary of the new features in 5.3.x are here:
> >
> > https://cwiki.apache.org/confluence/display/TS/What%27s+new+in+v5.3.x
> >
> > Information about upgrading to this release from previous ones is
> available
> > at:
> >
> > https://cwiki.apache.org/confluence/display/TS/Upgrading+to+v5.0
> >
> > The cache in this release is compatible with the previous 5.x and 4.x
> > releases.
> >
> > The artifacts are available for download at:
> >
> > http://people.apache.org/~sorber/releases/trafficserver/5.3.1-rc0/
> >
> > MD5: 9c0e2450b1dd1bbdd63ebcc344b5a813
> > SHA1: 771d3fafac6b8e144376fb16398f03b79f39912f
> >
> > This corresponds to git:
> >
> > Hash: 38b4113f5e9e6aa6c659c4f5e0eaf7db2f1ff67e
> > Tag: 5.3.1-rc0
> >
> > Which can be verified with the following:
> >
> > git tag -v 5.3.1-rc0
> >
> > My code signing key is available here:
> >
> > http://people.apache.org/~sorber/gpg-code-signing-key.asc
> >
> > Make sure you refresh from a key server to get all relevant signatures.
> >
> > The vote is open until Jul 2nd 2015. This is shorter than normal because
> it
> > is a bug fix/security release and the holiday weekend.
> >
> > Thanks All!
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message