You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by Norbert Kalmar <nk...@apache.org> on 2020/02/06 11:09:49 UTC

[VOTE] Apache ZooKeeper release 3.5.7 candidate 0

This is a bugfix release candidate for 3.5.7. It fixes 21 issues,
including SASL authentication with SSL, third party CVE fixes, data loss
and potential split brain if some rare conditions exists.

The full release notes is available at:

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12346098

*** Please download, test and vote by February 10th 2020, 23:59 UTC+0. ***

Source files:
https://people.apache.org/~nkalmar/zookeeper-3.5.7-candidate-0/

Maven staging repo:
https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.7/

The release candidate tag in git to be voted upon: release-3.5.7-rc0

ZooKeeper's KEYS file containing PGP keys we use to sign the release:
https://www.apache.org/dist/zookeeper/KEYS

Should we release this candidate?

Re: [VOTE] Apache ZooKeeper release 3.5.7 candidate 0

Posted by Norbert Kalmar <nk...@cloudera.com.INVALID>.

Thanks Patrick and Enrico, sorry about that... Obviously I can verify it on
my machine where I generated the key, so I didn't catch this problem.
I did have some issues with my gpg keys when trying to close the maven
staging repo, but that got solved.

- Norbert

On Thu, Feb 6, 2020 at 11:12 PM Enrico Olivelli <eo...@gmail.com> wrote:

> I am sorry.
> I am seeing the same error.
>
> btw I am continuing my tests
>
> Enrico
>
> Il giorno gio 6 feb 2020 alle ore 18:46 Patrick Hunt
> <ph...@apache.org> ha scritto:
> >
> > -1 - looks like there are problems with the sig?
> >
> > $gpg --import KEYS
> > ...
> > gpg: key 792D43153B5B5147: public key "Norbert Kalmar <
> nkalmar@apache.org>"
> > imported
> >
> >
> > $ gpg --verify apache-zookeeper-3.5.7-bin.tar.gz.asc
> > gpg: assuming signed data in 'apache-zookeeper-3.5.7-bin.tar.gz'
> > gpg: Signature made Wed Feb  5 06:12:51 2020 PST
> > gpg:                using RSA key
> 22CA288910DA204539CAD1638A563F46D7345231
> > gpg: Can't check signature: No public key
> >
> > $ gpg --verify apache-zookeeper-3.5.7.tar.gz.asc
> > gpg: assuming signed data in 'apache-zookeeper-3.5.7.tar.gz'
> > gpg: Signature made Wed Feb  5 06:13:32 2020 PST
> > gpg:                using RSA key
> 22CA288910DA204539CAD1638A563F46D7345231
> > gpg: Can't check signature: No public key
> >
> >
> > On Thu, Feb 6, 2020 at 3:10 AM Norbert Kalmar <nk...@apache.org>
> wrote:
> >
> > > This is a bugfix release candidate for 3.5.7. It fixes 21 issues,
> > > including SASL authentication with SSL, third party CVE fixes, data
> loss
> > > and potential split brain if some rare conditions exists.
> > >
> > > The full release notes is available at:
> > >
> > >
> > >
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12346098
> > >
> > > *** Please download, test and vote by February 10th 2020, 23:59 UTC+0.
> ***
> > >
> > > Source files:
> > > https://people.apache.org/~nkalmar/zookeeper-3.5.7-candidate-0/
> > >
> > > Maven staging repo:
> > >
> > >
> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.7/
> > >
> > > The release candidate tag in git to be voted upon: release-3.5.7-rc0
> > >
> > > ZooKeeper's KEYS file containing PGP keys we use to sign the release:
> > > https://www.apache.org/dist/zookeeper/KEYS
> > >
> > > Should we release this candidate?
> > >
>

Re: [VOTE] Apache ZooKeeper release 3.5.7 candidate 0

Posted by Enrico Olivelli <eo...@gmail.com>.

I am sorry.
I am seeing the same error.

btw I am continuing my tests

Enrico

Il giorno gio 6 feb 2020 alle ore 18:46 Patrick Hunt
<ph...@apache.org> ha scritto:
>
> -1 - looks like there are problems with the sig?
>
> $gpg --import KEYS
> ...
> gpg: key 792D43153B5B5147: public key "Norbert Kalmar <nk...@apache.org>"
> imported
>
>
> $ gpg --verify apache-zookeeper-3.5.7-bin.tar.gz.asc
> gpg: assuming signed data in 'apache-zookeeper-3.5.7-bin.tar.gz'
> gpg: Signature made Wed Feb  5 06:12:51 2020 PST
> gpg:                using RSA key 22CA288910DA204539CAD1638A563F46D7345231
> gpg: Can't check signature: No public key
>
> $ gpg --verify apache-zookeeper-3.5.7.tar.gz.asc
> gpg: assuming signed data in 'apache-zookeeper-3.5.7.tar.gz'
> gpg: Signature made Wed Feb  5 06:13:32 2020 PST
> gpg:                using RSA key 22CA288910DA204539CAD1638A563F46D7345231
> gpg: Can't check signature: No public key
>
>
> On Thu, Feb 6, 2020 at 3:10 AM Norbert Kalmar <nk...@apache.org> wrote:
>
> > This is a bugfix release candidate for 3.5.7. It fixes 21 issues,
> > including SASL authentication with SSL, third party CVE fixes, data loss
> > and potential split brain if some rare conditions exists.
> >
> > The full release notes is available at:
> >
> >
> > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12346098
> >
> > *** Please download, test and vote by February 10th 2020, 23:59 UTC+0. ***
> >
> > Source files:
> > https://people.apache.org/~nkalmar/zookeeper-3.5.7-candidate-0/
> >
> > Maven staging repo:
> >
> > https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.7/
> >
> > The release candidate tag in git to be voted upon: release-3.5.7-rc0
> >
> > ZooKeeper's KEYS file containing PGP keys we use to sign the release:
> > https://www.apache.org/dist/zookeeper/KEYS
> >
> > Should we release this candidate?
> >

Re: [VOTE] Apache ZooKeeper release 3.5.7 candidate 0

Posted by Patrick Hunt <ph...@apache.org>.

-1 - looks like there are problems with the sig?

$gpg --import KEYS
...
gpg: key 792D43153B5B5147: public key "Norbert Kalmar <nk...@apache.org>"
imported


$ gpg --verify apache-zookeeper-3.5.7-bin.tar.gz.asc
gpg: assuming signed data in 'apache-zookeeper-3.5.7-bin.tar.gz'
gpg: Signature made Wed Feb  5 06:12:51 2020 PST
gpg:                using RSA key 22CA288910DA204539CAD1638A563F46D7345231
gpg: Can't check signature: No public key

$ gpg --verify apache-zookeeper-3.5.7.tar.gz.asc
gpg: assuming signed data in 'apache-zookeeper-3.5.7.tar.gz'
gpg: Signature made Wed Feb  5 06:13:32 2020 PST
gpg:                using RSA key 22CA288910DA204539CAD1638A563F46D7345231
gpg: Can't check signature: No public key


On Thu, Feb 6, 2020 at 3:10 AM Norbert Kalmar <nk...@apache.org> wrote:

> This is a bugfix release candidate for 3.5.7. It fixes 21 issues,
> including SASL authentication with SSL, third party CVE fixes, data loss
> and potential split brain if some rare conditions exists.
>
> The full release notes is available at:
>
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310801&version=12346098
>
> *** Please download, test and vote by February 10th 2020, 23:59 UTC+0. ***
>
> Source files:
> https://people.apache.org/~nkalmar/zookeeper-3.5.7-candidate-0/
>
> Maven staging repo:
>
> https://repository.apache.org/content/groups/staging/org/apache/zookeeper/zookeeper/3.5.7/
>
> The release candidate tag in git to be voted upon: release-3.5.7-rc0
>
> ZooKeeper's KEYS file containing PGP keys we use to sign the release:
> https://www.apache.org/dist/zookeeper/KEYS
>
> Should we release this candidate?
>