ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maxim Muzafarov <mmu...@apache.org>
Subject Re: Apache Ignite 2.8 RELEASE [Time, Scope, Manager]
Date Mon, 13 Jan 2020 10:09:13 GMT
Igniters,


The list of the 2.8 release BLOCKERs at this moment:


[1] Default auto-adjust baseline enabled flag calculated incorrectly [Anton
Kalashnikov] PATCH AVAILABLE
[2] (Amazon S3 Based Discovery) Nodes getting down *[Unassigned] *OPEN
[3] Cluster Data Store grid gets Corrupted for Load test *[Unassigned] *OPEN
[4] Error during purges by expiration: Unknown page type *[Unassigned] *OPEN
[5] SpringDataExample should use example-ignite.xml config *[Unassigned] *
OPEN
[6] Cluster hangs during concurrent node client and server nodes restart
[Dmitriy Sorokin] IN PROGRESS
[7] Pme-free switch feature should be deactivatable [Sergei Ryzhov] PATCH
AVAILABLE


Full list of release 2.8 issues can be found on the [8] confluence page.


[1] https://issues.apache.org/jira/browse/IGNITE-12227
[2] https://issues.apache.org/jira/browse/IGNITE-12398
[3] https://issues.apache.org/jira/browse/IGNITE-12456
[4] https://issues.apache.org/jira/browse/IGNITE-12489
[5] https://issues.apache.org/jira/browse/IGNITE-8641
[6] https://issues.apache.org/jira/browse/IGNITE-9184
[7] https://issues.apache.org/jira/browse/IGNITE-12470
[8]
https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#ApacheIgnite2.8-Unresolvedissues(notrelatedtodocumentation)


On Mon, 13 Jan 2020 at 12:51, Maxim Muzafarov <mmuzaf@apache.org> wrote:

> Sergey,
>
> Thank you. I also do not support @IgniteExperemental annotation only
> for solving the current case of compatibility issues.
>
> I like your second suggestion to revert the issue [2] from 2.8 release
> by applying [1] PR. I'm going to apply this patch [1] within the next
> three days.
>
> Any objections?
>
> [1] https://github.com/apache/ignite/pull/7238
> [2] https://issues.apache.org/jira/browse/IGNITE-11256
>
> On Sat, 11 Jan 2020 at 17:59, Sergey Antonov <antonovsergey93@gmail.com>
> wrote:
> >
> > Guys, I created two pull requests [1] [2] for 2.8 release.
> >
> > First of them [1] is a patch with ticket [3] for ignite-2.8 branch.
> > Second [2] is a revert of ticket [4] from 2.8 release.
> >
> > I'm waiting TC run all nightly results for both PRs. I'll write update
> when
> > TC runs will be ok.
> > I'm okay with both proposals (add ticket [1] to release, remove read-only
> > feature from 2.8 release scope). But I'm not okay with
> @IgniteExperemental
> > annotation.
> >
> > [1] https://github.com/apache/ignite/pull/7239
> > [2] https://github.com/apache/ignite/pull/7238
> > [3] https://issues.apache.org/jira/browse/IGNITE-12225
> > [4] https://issues.apache.org/jira/browse/IGNITE-11256
> >
> >
> > пт, 10 янв. 2020 г. в 14:21, Zhenya Stanilovsky
> <arzamas123@mail.ru.invalid
> > >:
> >
> > >
> > > Ivan, if i correctly understand, you suggest additional «expiremental»
> > > stuff only for hiding already leaked RO interface ?
> > > poor approach as for me.
> > >
> > > >Folks,
> > > >
> > > >Some thoughts:
> > > >* Releasing an API with known fallacies sounds really bad thing to me.
> > > >It can have a negative consequences for a whole project for years. My
> > > >opinion here that we should resolve the problem with this API somehow
> > > >before release.
> > > >* We can mark cluster read-only API (without enum) as experimental and
> > > >change the API in e.g. 2.8.1.
> > > >* We can try to exclude read-only API from 2.8 at all.
> > > >
> > > >What do you think?
> > > >
> > > >пт, 10 янв. 2020 г. в 11:20, Alex Plehanov < plehanov.alex@gmail.com
> >:
> > > >>
> > > >> Guys,
> > > >>
> > > >> There is also an issue with cluster activation by thin clients. This
> > > >> feature (.NET thin client API change and protocol change) was added
> by
> > > [1]
> > > >> without any discussion on dev-list. Sergey's patch [2] deprecate
> methods
> > > >> "IgniteCluster.active(boolean)" and "IgniteCluster.active()", but
> > > didn't do
> > > >> this for thin clients. If we want to include IGNITE-12225 to 2.8 we
> also
> > > >> should not forget about thin client changes, since it will be
> strange
> > > if we
> > > >> introduce some methods to thin client API and protocol and in the
> same
> > > >> Ignite version deprecate these methods for servers and thick
> clients.
> > > >>
> > > >> [1]:  https://issues.apache.org/jira/browse/IGNITE-11709
> > > >> [2]:  https://issues.apache.org/jira/browse/IGNITE-12225
> > > >>
> > > >>
> > > >> пт, 10 янв. 2020 г. в 10:24, Zhenya Stanilovsky <
> > > arzamas123@mail.ru.invalid
> > > >> >:
> > > >>
> > > >> >
> > > >> >
> > > >> > Agree with Nikolay, -1 from me, too.
> > > >> >
> > > >> > >Hello, Igniters.
> > > >> > >
> > > >> > >I’m -1 to include the read-only patch to 2.8.
> > > >> > >I think we shouldn’t accept any patches to 2.8 except bug fixes
> for
> > > >> > blockers and major issues.
> > > >> > >
> > > >> > >Guys, we don’t release Apache Ignite for 13 months!
> > > >> > >We should focus on the release and make it ASAP.
> > > >> > >
> > > >> > >We can’t extend the scope anymore.
> > > >> > >
> > > >> > >> 10 янв. 2020 г., в 04:29, Sergey Antonov <
> > > antonovsergey93@gmail.com >
> > > >> > написал(а):
> > > >> > >>
> > > >> > >> Hello, Maxim!
> > > >> > >>
> > > >> > >>> This PR [2] doesn't look a very simple +5,517 −2,038, 111
> files
> > > >> > >> changed.
> > > >> > >> Yes, PR is huge, but I wrote a lot of new tests and reworked
> > > already
> > > >> > >> presented. Changes in product code are minimal - only 30
> changed
> > > files
> > > >> > in
> > > >> > >> /src/main/ part. And most of them are new control.sh commands
> and
> > > >> > >> configuration.
> > > >> > >>
> > > >> > >>> Do we have customer requests for this feature or maybe users
> who
> > > are
> > > >> > >> waiting for exactly that ENUM values exactly in 2.8 release
> (not
> > > the
> > > >> > 2.8.1
> > > >> > >> for instance)?
> > > >> > >> Can we introduce in new features in maintanance release
> (2.8.1)?
> > > Cluster
> > > >> > >> read-only mode will be new feature, if we remove
> > > IgniteCluster#readOnly
> > > >> > in
> > > >> > >> 2.8 release. If all ok with that, lets remove
> > > IgniteCluster#readOnly and
> > > >> > >> move ticket [1] to 2.8.1 release.
> > > >> > >>
> > > >> > >>> Do we have extended test results report (on just only TC.Bot
> green
> > > >> > visa)
> > > >> > >> on this feature to be sure that we will not add any blocker
> issues
> > > to
> > > >> > the
> > > >> > >> release?
> > > >> > >> I'm preparing patch for 2.8 release and I will get new TC Bot
> visa
> > > vs
> > > >> > >> release branch.
> > > >> > >>
> > > >> > >> [1]  https://issues.apache.org/jira/browse/IGNITE-12225
> > > >> > >>
> > > >> > >>
> > > >> > >>
> > > >> > >> чт, 9 янв. 2020 г. в 19:38, Maxim Muzafarov <
> mmuzaf@apache.org
> > > >:
> > > >> > >>
> > > >> > >>> Folks,
> > > >> > >>>
> > > >> > >>>
> > > >> > >>> Let me remind you that we are working on the 2.8 release
> branch
> > > >> > >>> stabilization currently (please, keep it in mind).
> > > >> > >>>
> > > >> > >>>
> > > >> > >>> Do we have a really STRONG reason for adding such a change
> [1] to
> > > the
> > > >> > >>> ignite-2.8 branch? This PR [2] doesn't look a very simple
> +5,517
> > > >> > >>> −2,038, 111 files changed.
> > > >> > >>> Do we have customer requests for this feature or maybe users
> who
> > > are
> > > >> > >>> waiting for exactly that ENUM values exactly in 2.8 release
> (not
> > > the
> > > >> > >>> 2.8.1 for instance)?
> > > >> > >>> Can we just simply remove IgniteCluster#readOnly to eliminate
> any
> > > >> > >>> backward compatibility issues between 2.8 and 2.9 releases?
> > > >> > >>> Do we have extended test results report (on just only TC.Bot
> green
> > > >> > >>> visa) on this feature to be sure that we will not add any
> blocker
> > > >> > >>> issues to the release? For instance, on pre-production
> > > environment.
> > > >> > >>>
> > > >> > >>> I'd like to notice that we also have more than enough the
> release
> > > >> > >>> blocker issues [3] which are still `in progress` and such a
> > > release
> > > >> > >>> run becomes endless. Such changes without strong reasons
> looks too
> > > >> > >>> scary for me a special after scope and code freeze dates.
> > > >> > >>>
> > > >> > >>> Please, dispel my doubts.
> > > >> > >>>
> > > >> > >>> [1]  https://issues.apache.org/jira/browse/IGNITE-12225
> > > >> > >>> [2]  https://github.com/apache/ignite/pull/7194
> > > >> > >>> [3]
> > > >> > >>>
> > > >> >
> > >
> https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#ApacheIgnite2.8-Unresolvedissues(notrelatedtodocumentation
> > > >> > )
> > > >> > >>>
> > > >> > >>> On Thu, 9 Jan 2020 at 19:01, Alexey Zinoviev <
> > > zaleslaw.sin@gmail.com
> > > >> > >
> > > >> > >>> wrote:
> > > >> > >>>>
> > > >> > >>>> +1
> > > >> > >>>>
> > > >> > >>>> чт, 9 янв. 2020 г. в 18:52, Sergey Antonov <
> > > >> >  antonovsergey93@gmail.com >:
> > > >> > >>>>
> > > >> > >>>>> +1
> > > >> > >>>>>
> > > >> > >>>>> I'm preparing patch for 2.8 branch now. TC Bot visa for 2.8
> > > branch
> > > >> > >>> will be
> > > >> > >>>>> at 13 Jan
> > > >> > >>>>>
> > > >> > >>>>> чт, 9 янв. 2020 г., 21:06 Ivan Pavlukhin <
> vololo100@gmail.com
> > > >:
> > > >> > >>>>>
> > > >> > >>>>>> +1
> > > >> > >>>>>>
> > > >> > >>>>>> чт, 9 янв. 2020 г. в 16:38, Ivan Rakov <
> > > ivan.glukos@gmail.com >:
> > > >> > >>>>>>>
> > > >> > >>>>>>> Maxim M. and anyone who is interested,
> > > >> > >>>>>>>
> > > >> > >>>>>>> I suggest to include this fix to 2.8 release:
> > > >> > >>>>>>>  https://issues.apache.org/jira/browse/IGNITE-12225
> > > >> > >>>>>>> Basically, it's a result of the following discussion:
> > > >> > >>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> http://apache-ignite-developers.2346864.n4.nabble.com/DISCUSSION-Single-point-in-API-for-changing-cluster-state-td43665.html
> > > >> > >>>>>>>
> > > >> > >>>>>>> The fix affects public API: IgniteCluster#readOnly methods
> > > that
> > > >> > >>> work
> > > >> > >>>>> with
> > > >> > >>>>>>> boolean are replaced with ones that work with enum.
> > > >> > >>>>>>> If we include it, we won't be obliged to keep deprecated
> > > boolean
> > > >> > >>>>> version
> > > >> > >>>>>> of
> > > >> > >>>>>>> API in the code (which is currently present in 2.8
> branch) as
> > > it
> > > >> > >>> wasn't
> > > >> > >>>>>>> published in any release.
> > > >> > >>>>>>>
> > > >> > >>>>>>> On Tue, Dec 31, 2019 at 3:54 PM Ilya Kasnacheev <
> > > >> > >>>>>>  ilya.kasnacheev@gmail.com >
> > > >> > >>>>>>> wrote:
> > > >> > >>>>>>>
> > > >> > >>>>>>>> Hello!
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> I have ran dependency checker plugin and quote the
> following:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-urideploy:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-spring:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-spring-data:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-aop:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-visor-console:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> spring-core-4.3.18.RELEASE.jar
> > > >> > >>>>>>>> (pkg:maven/org.springframework/spring-core@4.3.18.RELEASE
> ,
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>
> > > >> >
> > >
> cpe:2.3:a:pivotal_software:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:springsource:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:vmware:springsource_spring_framework:4.3.18:*:*:*:*:*:*:*)
> > > >> > >>>>> :
> > > >> > >>>>>>>> CVE-2018-15756
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-spring-data_2.0:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> spring-core-5.0.8.RELEASE.jar
> > > >> > >>>>>>>> (pkg:maven/org.springframework/spring-core@5.0.8.RELEASE
> ,
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>
> > > >> >
> > >
> cpe:2.3:a:pivotal_software:spring_framework:5.0.8.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:springsource:spring_framework:5.0.8.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:vmware:springsource_spring_framework:5.0.8:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-15756
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-rest-http:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> jetty-server-9.4.11.v20180605.jar
> > > >> > >>>>>>>>
> (pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605,
> > > >> > >>>>>>>> cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:9.4.11.v20180605:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:mortbay_jetty:jetty:9.4.11:20180605:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-12545, CVE-2019-10241, CVE-2019-10247
> > > >> > >>>>>>>> jackson-databind-2.9.6.jar
> > > >> > >>>>>>>>
> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719,
> > > CVE-2018-14720,
> > > >> > >>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361,
> > > CVE-2018-19362,
> > > >> > >>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814,
> > > CVE-2019-14379,
> > > >> > >>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335,
> > > CVE-2019-16942,
> > > >> > >>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-kubernetes:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-aws:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> jackson-databind-2.9.6.jar
> > > >> > >>>>>>>>
> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719,
> > > CVE-2018-14720,
> > > >> > >>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361,
> > > CVE-2018-19362,
> > > >> > >>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814,
> > > CVE-2019-14379,
> > > >> > >>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335,
> > > CVE-2019-16942,
> > > >> > >>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
> > > >> > >>>>>>>> bcprov-ext-jdk15on-1.54.jar
> > > >> > >>>>>>>> (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.54) :
> > > >> > >>>>> CVE-2015-6644,
> > > >> > >>>>>>>> CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340,
> > > >> > >>>>> CVE-2016-1000341,
> > > >> > >>>>>>>> CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344,
> > > >> > >>>>> CVE-2016-1000345,
> > > >> > >>>>>>>> CVE-2016-1000346, CVE-2016-1000352, CVE-2016-2427,
> > > >> > >>> CVE-2017-13098,
> > > >> > >>>>>>>> CVE-2018-1000180, CVE-2018-1000613
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-gce:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> httpclient-4.0.1.jar
> > > >> > >>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.0.1
> > > >> > >>>>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:httpclient:4.0.1:*:*:*:*:*:*:*) :
> > > CVE-2011-1498,
> > > >> > >>>>>>>> CVE-2014-3577, CVE-2015-5262
> > > >> > >>>>>>>> guava-jdk5-17.0.jar
> > > (pkg:maven/com.google.guava/guava-jdk5@17.0,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:17.0:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-cloud:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> openstack-keystone-2.0.0.jar
> > > >> > >>>>>>>>
> (pkg:maven/org.apache.jclouds.api/openstack-keystone@2.0.0,
> > > >> > >>>>>>>> cpe:2.3:a:openstack:keystone:2.0.0:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:openstack:openstack:2.0.0:*:*:*:*:*:*:*) :
> > > >> > >>> CVE-2013-2014,
> > > >> > >>>>>>>> CVE-2013-4222, CVE-2013-6391, CVE-2014-0204,
> CVE-2014-3476,
> > > >> > >>>>>> CVE-2014-3520,
> > > >> > >>>>>>>> CVE-2014-3621, CVE-2015-3646, CVE-2015-7546,
> CVE-2018-14432,
> > > >> > >>>>>> CVE-2018-20170
> > > >> > >>>>>>>> cloudstack-2.0.0.jar
> > > >> > >>>>> (pkg:maven/org.apache.jclouds.api/cloudstack@2.0.0
> > > >> > >>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:cloudstack:2.0.0:*:*:*:*:*:*:*) :
> > > CVE-2013-2136,
> > > >> > >>>>>>>> CVE-2013-6398, CVE-2014-0031, CVE-2014-9593,
> CVE-2015-3252
> > > >> > >>>>>>>> docker-2.0.0.jar
> > > (pkg:maven/org.apache.jclouds.api/docker@2.0.0,
> > > >> > >>>>>>>> cpe:2.3:a:docker:docker:2.0.0:*:*:*:*:*:*:*) :
> > > CVE-2018-10892,
> > > >> > >>>>>>>> CVE-2019-13139, CVE-2019-13509, CVE-2019-15752,
> > > CVE-2019-16884,
> > > >> > >>>>>>>> CVE-2019-5736
> > > >> > >>>>>>>> guava-16.0.1.jar (pkg:maven/com.google.guava/guava@16.0.1
> ,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>> docker-1.9.3.jar
> > > (pkg:maven/org.apache.jclouds.labs/docker@1.9.3
> > > >> > >>> ,
> > > >> > >>>>>>>> cpe:2.3:a:docker:docker:1.9.3:*:*:*:*:*:*:*) :
> CVE-2016-3697,
> > > >> > >>>>>>>> CVE-2017-14992, CVE-2019-13139, CVE-2019-13509,
> > > CVE-2019-15752,
> > > >> > >>>>>>>> CVE-2019-16884, CVE-2019-5736
> > > >> > >>>>>>>> jsch.agentproxy.core-0.0.8.jar
> > > >> > >>>>>>>> (pkg:maven/com.jcraft/jsch.agentproxy.core@0.0.8,
> > > >> > >>>>>>>> cpe:2.3:a:jcraft:jsch:0.0.8:*:*:*:*:*:*:*) :
> CVE-2016-5725
> > > >> > >>>>>>>> bcprov-ext-jdk15on-1.49.jar
> > > >> > >>>>>>>> (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.49) :
> > > >> > >>>>> CVE-2015-6644,
> > > >> > >>>>>>>> CVE-2015-7940, CVE-2016-1000338, CVE-2016-1000339,
> > > >> > >>> CVE-2016-1000341,
> > > >> > >>>>>>>> CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344,
> > > >> > >>>>> CVE-2016-1000345,
> > > >> > >>>>>>>> CVE-2016-1000346, CVE-2016-1000352, CVE-2017-13098,
> > > >> > >>> CVE-2018-1000613
> > > >> > >>>>>>>> okhttp-2.2.0.jar
> (pkg:maven/com.squareup.okhttp/okhttp@2.2.0
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:squareup:okhttp:2.2.0:*:*:*:*:*:*:*) :
> > > CVE-2016-2402
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-mesos:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> mesos-1.5.0.jar (pkg:maven/org.apache.mesos/mesos@1.5.0,
> > > >> > >>>>>>>> cpe:2.3:a:apache:mesos:1.5.0:*:*:*:*:*:*:*) :
> CVE-2018-11793,
> > > >> > >>>>>>>> CVE-2018-1330, CVE-2018-8023, CVE-2019-0204,
> CVE-2019-5736
> > > >> > >>>>>>>> jetty-server-9.4.11.v20180605.jar
> > > >> > >>>>>>>>
> (pkg:maven/org.eclipse.jetty/jetty-server@9.4.11.v20180605,
> > > >> > >>>>>>>> cpe:2.3:a:eclipse:jetty:9.4.11:20180605:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:9.4.11.v20180605:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:mortbay_jetty:jetty:9.4.11:20180605:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-12545, CVE-2019-10241, CVE-2019-10247
> > > >> > >>>>>>>> jackson-databind-2.9.6.jar
> > > >> > >>>>>>>>
> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.6
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.6:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-databind:2.9.6:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2018-1000873, CVE-2018-14718, CVE-2018-14719,
> > > CVE-2018-14720,
> > > >> > >>>>>>>> CVE-2018-14721, CVE-2018-19360, CVE-2018-19361,
> > > CVE-2018-19362,
> > > >> > >>>>>>>> CVE-2019-12086, CVE-2019-12384, CVE-2019-12814,
> > > CVE-2019-14379,
> > > >> > >>>>>>>> CVE-2019-14439, CVE-2019-14540, CVE-2019-16335,
> > > CVE-2019-16942,
> > > >> > >>>>>>>> CVE-2019-16943, CVE-2019-17267, CVE-2019-17531
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-kafka:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> kafka-clients-2.0.1.jar
> > > >> > >>>>> (pkg:maven/org.apache.kafka/kafka-clients@2.0.1
> > > >> > >>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:kafka:2.0.1:*:*:*:*:*:*:*) :
> CVE-2018-17196
> > > >> > >>>>>>>> connect-api-2.0.1.jar
> > > >> > >>> (pkg:maven/org.apache.kafka/connect-api@2.0.1,
> > > >> > >>>>>>>> cpe:2.3:a:apache:kafka:2.0.1:*:*:*:*:*:*:*) :
> CVE-2018-17196
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-flume:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> guava-11.0.2.jar (pkg:maven/com.google.guava/guava@11.0.2
> ,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:11.0.2:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>> jackson-core-asl-1.8.8.jar
> > > >> > >>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-core-asl@1.8.8,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:1.8.8:*:*:*:*:*:*:*) :
> > > >> > >>> CVE-2017-15095,
> > > >> > >>>>>>>> CVE-2017-17485, CVE-2017-7525
> > > >> > >>>>>>>> jackson-mapper-asl-1.8.8.jar
> > > >> > >>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.8.8
> ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:1.8.8:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-mapper-asl:1.8.8:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2017-15095, CVE-2017-17485, CVE-2017-7525,
> > > CVE-2018-1000873,
> > > >> > >>>>>>>> CVE-2018-14718, CVE-2018-5968, CVE-2018-7489,
> CVE-2019-14540,
> > > >> > >>>>>>>> CVE-2019-16335, CVE-2019-17267
> > > >> > >>>>>>>> commons-collections-3.2.1.jar
> > > >> > >>>>>>>> (pkg:maven/commons-collections/commons-collections@3.2.1
> ,
> > > >> > >>>>>>>>
> cpe:2.3:a:apache:commons_collections:3.2.1:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2015-6420,
> > > >> > >>>>>>>> CVE-2017-15708, Remote code execution
> > > >> > >>>>>>>> netty-3.9.4.Final.jar
> (pkg:maven/io.netty/netty@3.9.4.Final,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:3.9.4:*:*:*:*:*:*:*) :
> CVE-2015-2156,
> > > >> > >>>>>> CVE-2019-16869,
> > > >> > >>>>>>>> POODLE vulnerability in SSLv3.0 support
> > > >> > >>>>>>>> servlet-api-2.5-20110124.jar
> > > >> > >>>>>>>> (pkg:maven/org.mortbay.jetty/servlet-api@2.5-20110124,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:2.5.20110124:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:mortbay:jetty:2.5.20110124:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:mortbay_jetty:jetty:2.5.20110124:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2005-3747,
> > > >> > >>>>>>>> CVE-2007-5615, CVE-2009-1523, CVE-2009-1524,
> CVE-2009-5048,
> > > >> > >>>>>> CVE-2009-5049,
> > > >> > >>>>>>>> CVE-2011-4461
> > > >> > >>>>>>>> jetty-util-6.1.26.jar
> > > >> > >>> (pkg:maven/org.mortbay.jetty/jetty-util@6.1.26
> > > >> > >>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:6.1.26:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:mortbay:jetty:6.1.26:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:6.1.26:*:*:*:*:*:*:*) :
> > > >> > >>> CVE-2009-1523,
> > > >> > >>>>>>>> CVE-2011-4461
> > > >> > >>>>>>>> jetty-6.1.26.jar
> (pkg:maven/org.mortbay.jetty/jetty@6.1.26,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:6.1.26:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:mortbay:jetty:6.1.26:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:mortbay_jetty:jetty:6.1.26:*:*:*:*:*:*:*) :
> > > >> > >>> CVE-2009-1523,
> > > >> > >>>>>>>> CVE-2011-4461, CVE-2017-7656, CVE-2017-7657,
> CVE-2017-7658,
> > > >> > >>>>>> CVE-2017-9735,
> > > >> > >>>>>>>> CVE-2019-10241, CVE-2019-10247
> > > >> > >>>>>>>> libthrift-0.9.0.jar
> > > (pkg:maven/org.apache.thrift/libthrift@0.9.0)
> > > >> > >>> :
> > > >> > >>>>>>>> CVE-2015-3254, CVE-2016-5397, CVE-2018-1320,
> CVE-2019-0205
> > > >> > >>>>>>>> httpclient-4.1.3.jar
> > > >> > >>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.1.3
> > > >> > >>>>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:httpclient:4.1.3:*:*:*:*:*:*:*) :
> > > CVE-2014-3577,
> > > >> > >>>>>>>> CVE-2015-5262
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-twitter:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> httpclient-4.2.5.jar
> > > >> > >>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.2.5
> > > >> > >>>>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:httpclient:4.2.5:*:*:*:*:*:*:*) :
> > > CVE-2014-3577,
> > > >> > >>>>>>>> CVE-2015-5262
> > > >> > >>>>>>>> guava-14.0.1.jar (pkg:maven/com.google.guava/guava@14.0.1
> ,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:14.0.1:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-zookeeper:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> jackson-databind-2.9.8.jar
> > > >> > >>>>>>>>
> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.9.8
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:2.9.8:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-databind:2.9.8:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2019-12086,
> > > >> > >>>>>>>> CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,
> > > CVE-2019-14439,
> > > >> > >>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-16942,
> > > CVE-2019-16943,
> > > >> > >>>>>>>> CVE-2019-17267, CVE-2019-17531
> > > >> > >>>>>>>> guava-16.0.1.jar (pkg:maven/com.google.guava/guava@16.0.1
> ,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>> jackson-mapper-asl-1.9.13.jar
> > > >> > >>>>>>>> (pkg:maven/org.codehaus.jackson/jackson-mapper-asl@1.9.13
> ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:1.9.13:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-mapper-asl:1.9.13:*:*:*:*:*:*:*)
> > > :
> > > >> > >>>>>>>> CVE-2017-15095, CVE-2017-17485, CVE-2017-7525,
> > > CVE-2018-1000873,
> > > >> > >>>>>>>> CVE-2018-14718, CVE-2018-5968, CVE-2018-7489,
> CVE-2019-10172,
> > > >> > >>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-17267
> > > >> > >>>>>>>> netty-all-4.1.29.Final.jar
> > > >> > >>> (pkg:maven/io.netty/netty-all@4.1.29.Final
> > > >> > >>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:4.1.29:*:*:*:*:*:*:*) :
> CVE-2019-16869
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-camel:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> camel-core-2.22.0.jar
> > > >> > >>> (pkg:maven/org.apache.camel/camel-core@2.22.0,
> > > >> > >>>>>>>> cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*) :
> CVE-2018-8041,
> > > >> > >>>>>>>> CVE-2019-0188, CVE-2019-0194
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> camel-core-2.22.0.jar/META-INF/maven/org.apache.camel/spi-annotations/pom.xml
> > > >> > >>>>>>>> (pkg:maven/org.apache.camel/spi-annotations@2.22.0,
> > > >> > >>>>>>>> cpe:2.3:a:apache:camel:2.22.0:*:*:*:*:*:*:*) :
> CVE-2018-8041,
> > > >> > >>>>>>>> CVE-2019-0188, CVE-2019-0194
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-storm:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> storm-core-1.1.1.jar
> > > (pkg:maven/org.apache.storm/storm-core@1.1.1
> > > >> > >>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:storm:1.1.1:*:*:*:*:*:*:*) :
> CVE-2018-11779,
> > > >> > >>>>>>>> CVE-2018-1331, CVE-2018-1332, CVE-2018-8008,
> CVE-2019-0202
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-servlet/pom.xml
> > > >> > >>>>>>>>
> (pkg:maven/org.eclipse.jetty/jetty-servlet@7.6.13.v20130916,
> > > >> > >>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
> > > >> > >>>>> CVE-2019-10247
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/org.apache.httpcomponents/httpclient/pom.xml
> > > >> > >>>>>>>> (pkg:maven/org.apache.httpcomponents/httpclient@4.3.3,
> > > >> > >>>>>>>> cpe:2.3:a:apache:httpclient:4.3.3:*:*:*:*:*:*:*) :
> > > CVE-2014-3577,
> > > >> > >>>>>>>> CVE-2015-5262
> > > >> > >>>>>>>>
> > > >> > >>>
> storm-core-1.1.1.jar/META-INF/maven/com.google.guava/guava/pom.xml
> > > >> > >>>>>>>> (pkg:maven/com.google.guava/guava@16.0.1,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:16.0.1:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>>
> storm-core-1.1.1.jar/META-INF/maven/io.netty/netty/pom.xml
> > > >> > >>>>>>>> (pkg:maven/io.netty/netty@3.9.0.Final,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:3.9.0:*:*:*:*:*:*:*) :
> CVE-2014-0193,
> > > >> > >>>>>> CVE-2014-3488,
> > > >> > >>>>>>>> CVE-2015-2156, CVE-2019-16869, POODLE vulnerability in
> > > SSLv3.0
> > > >> > >>>>> support
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-server/pom.xml
> > > >> > >>>>>>>>
> (pkg:maven/org.eclipse.jetty/jetty-server@7.6.13.v20130916,
> > > >> > >>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
> > > >> > >>>>> CVE-2011-4461,
> > > >> > >>>>>>>> CVE-2017-7656, CVE-2017-7657, CVE-2017-7658,
> CVE-2017-9735,
> > > >> > >>>>>> CVE-2019-10241,
> > > >> > >>>>>>>> CVE-2019-10247
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/org.eclipse.jetty/jetty-util/pom.xml
> > > >> > >>>>>>>> (pkg:maven/org.eclipse.jetty/jetty-util@7.6.13.v20130916
> ,
> > > >> > >>>>>>>> cpe:2.3:a:eclipse:jetty:7.6.13:20130916:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:jetty:jetty:7.6.13.v20130916:*:*:*:*:*:*:*) :
> > > >> > >>>>> CVE-2011-4461,
> > > >> > >>>>>>>> CVE-2019-10247
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/commons-fileupload/commons-fileupload/pom.xml
> > > >> > >>>>>>>> (pkg:maven/commons-fileupload/commons-fileupload@1.3.2,
> > > >> > >>>>>>>> cpe:2.3:a:apache:commons_fileupload:1.3.2:*:*:*:*:*:*:*)
> :
> > > >> > >>>>>> CVE-2016-1000031
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>
> > > >> >
> > >
> storm-core-1.1.1.jar/META-INF/maven/org.apache.hadoop/hadoop-auth/pom.xml
> > > >> > >>>>>>>> (pkg:maven/org.apache.hadoop/hadoop-auth@2.6.1,
> > > >> > >>>>>>>> cpe:2.3:a:apache:hadoop:2.6.1:*:*:*:*:*:*:*) :
> CVE-2015-1776,
> > > >> > >>>>>>>> CVE-2016-3086, CVE-2016-5001, CVE-2016-5393,
> CVE-2016-6811,
> > > >> > >>>>>> CVE-2017-15713,
> > > >> > >>>>>>>> CVE-2017-3161, CVE-2017-3162, CVE-2017-3166,
> CVE-2018-11768,
> > > >> > >>>>>> CVE-2018-1296,
> > > >> > >>>>>>>> CVE-2018-8009, CVE-2018-8029
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-cassandra-store:
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-cassandra-serializers:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> commons-beanutils-1.9.2.jar
> > > >> > >>>>>>>> (pkg:maven/commons-beanutils/commons-beanutils@1.9.2,
> > > >> > >>>>>>>> cpe:2.3:a:apache:commons_beanutils:1.9.2:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2019-10086
> > > >> > >>>>>>>> commons-collections-3.2.1.jar
> > > >> > >>>>>>>> (pkg:maven/commons-collections/commons-collections@3.2.1
> ,
> > > >> > >>>>>>>>
> cpe:2.3:a:apache:commons_collections:3.2.1:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2015-6420,
> > > >> > >>>>>>>> CVE-2017-15708, Remote code execution
> > > >> > >>>>>>>> spring-core-4.3.18.RELEASE.jar
> > > >> > >>>>>>>> (pkg:maven/org.springframework/spring-core@4.3.18.RELEASE
> ,
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>
> > > >> >
> > >
> cpe:2.3:a:pivotal_software:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:springsource:spring_framework:4.3.18.release:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > >> > >>>
> > > cpe:2.3:a:vmware:springsource_spring_framework:4.3.18:*:*:*:*:*:*:*)
> > > >> > >>>>> :
> > > >> > >>>>>>>> CVE-2018-15756
> > > >> > >>>>>>>> netty-transport-4.1.27.Final.jar
> > > >> > >>>>>>>> (pkg:maven/io.netty/netty-transport@4.1.27.Final,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:4.1.27:*:*:*:*:*:*:*) :
> CVE-2019-16869
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-flink:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> flink-hadoop-fs-1.5.0.jar
> > > >> > >>>>>> (pkg:maven/org.apache.flink/flink-hadoop-fs@1.5.0
> > > >> > >>>>>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:hadoop:1.5.0:*:*:*:*:*:*:*) :
> CVE-2016-5001,
> > > >> > >>>>>>>> CVE-2017-3161, CVE-2017-3162
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> flink-shaded-netty-4.0.27.Final-2.0.jar/META-INF/maven/io.netty/netty-all/pom.xml
> > > >> > >>>>>>>> (pkg:maven/io.netty/netty-all@4.0.27.Final,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:4.0.27:*:*:*:*:*:*:*) :
> CVE-2015-2156,
> > > >> > >>>>>> CVE-2016-4970,
> > > >> > >>>>>>>> CVE-2019-16869
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> flink-shaded-jackson-2.7.9-3.0.jar/META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.xml
> > > >> > >>>>>>>>
> (pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.7.9
> > > ,
> > > >> > >>>>>>>> cpe:2.3:a:fasterxml:jackson:2.7.9:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:fasterxml:jackson-databind:2.7.9:*:*:*:*:*:*:*) :
> > > >> > >>>>>> CVE-2017-15095,
> > > >> > >>>>>>>> CVE-2017-17485, CVE-2017-7525, CVE-2018-1000873,
> > > CVE-2018-11307,
> > > >> > >>>>>>>> CVE-2018-12022, CVE-2018-12023, CVE-2018-14718,
> > > CVE-2018-14719,
> > > >> > >>>>>>>> CVE-2018-14720, CVE-2018-14721, CVE-2018-19360,
> > > CVE-2018-19361,
> > > >> > >>>>>>>> CVE-2018-19362, CVE-2018-5968, CVE-2018-7489,
> CVE-2019-12086,
> > > >> > >>>>>>>> CVE-2019-12384, CVE-2019-12814, CVE-2019-14379,
> > > CVE-2019-14439,
> > > >> > >>>>>>>> CVE-2019-14540, CVE-2019-16335, CVE-2019-16942,
> > > CVE-2019-16943,
> > > >> > >>>>>>>> CVE-2019-17267, CVE-2019-17531
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> flink-shaded-guava-18.0-2.0.jar/META-INF/maven/com.google.guava/guava/pom.xml
> > > >> > >>>>>>>> (pkg:maven/com.google.guava/guava@18.0,
> > > >> > >>>>>>>> cpe:2.3:a:google:guava:18.0:*:*:*:*:*:*:*) :
> CVE-2018-10237
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> One or more dependencies were identified with known
> > > >> > >>> vulnerabilities
> > > >> > >>>>> in
> > > >> > >>>>>>>> ignite-rocketmq:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> netty-all-4.0.42.Final.jar
> > > >> > >>> (pkg:maven/io.netty/netty-all@4.0.42.Final
> > > >> > >>>>> ,
> > > >> > >>>>>>>> cpe:2.3:a:netty:netty:4.0.42:*:*:*:*:*:*:*) :
> CVE-2019-16869
> > > >> > >>>>>>>> netty-tcnative-boringssl-static-1.1.33.Fork26.jar
> > > >> > >>>>>>>>
> > > (pkg:maven/io.netty/netty-tcnative-boringssl-static@1.1.33.Fork26
> > > >> > >>> ,
> > > >> > >>>>>>>> cpe:2.3:a:apache:tomcat:1.1.33:*:*:*:*:*:*:*,
> > > >> > >>>>>>>> cpe:2.3:a:apache:tomcat_native:1.1.33:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> > > cpe:2.3:a:apache_software_foundation:tomcat:1.1.33:*:*:*:*:*:*:*,
> > > >> > >>>>>>>>
> cpe:2.3:a:apache_tomcat:apache_tomcat:1.1.33:*:*:*:*:*:*:*) :
> > > >> > >>>>>>>> CVE-2000-1210, CVE-2001-0590, CVE-2002-0493,
> CVE-2005-4838,
> > > >> > >>>>>> CVE-2006-7196,
> > > >> > >>>>>>>> CVE-2007-1358, CVE-2007-2449, CVE-2008-0128,
> CVE-2009-2696,
> > > >> > >>>>>> CVE-2012-5568,
> > > >> > >>>>>>>> CVE-2013-2185, CVE-2013-4286, CVE-2013-4322,
> CVE-2013-4444,
> > > >> > >>>>>> CVE-2013-4590,
> > > >> > >>>>>>>> CVE-2013-6357, CVE-2014-0075, CVE-2014-0096,
> CVE-2014-0099,
> > > >> > >>>>>> CVE-2014-0119,
> > > >> > >>>>>>>> CVE-2016-5425, CVE-2017-15698, CVE-2018-8019,
> CVE-2018-8020
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> Main offenders seem to be "jackson-databind" and old
> > > maintenance
> > > >> > >>>>>> releases
> > > >> > >>>>>>>> of Spring. I think we can bump most of that.
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> Some integrations also clearly suffer, through it's a
> > > problem of
> > > >> > >>>>> their
> > > >> > >>>>>>>> users, since they need to declare their own libraries'
> > > versions
> > > >> > >>> by
> > > >> > >>>>>>>> convention.
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> Regards,
> > > >> > >>>>>>>> --
> > > >> > >>>>>>>> Ilya Kasnacheev
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>>> пт, 27 дек. 2019 г. в 23:59, Denis Magda <
> > > dmagda@apache.org >:
> > > >> > >>>>>>>>
> > > >> > >>>>>>>>> Ilya, no I see, thanks for the explanation. Agree with
> you,
> > > >> > >>> let's
> > > >> > >>>>>> update
> > > >> > >>>>>>>>> the versions of the dependencies to the latest.
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>> -
> > > >> > >>>>>>>>> Denis
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>> On Thu, Dec 26, 2019 at 10:50 PM Ilya Kasnacheev <
> > > >> > >>>>>>>>>  ilya.kasnacheev@gmail.com >
> > > >> > >>>>>>>>> wrote:
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>>> Hello!
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>> I have committed ignite-spring-data_2.2 to ignite-2.8.
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>> By bumping versisons I mean the following:
> > > >> > >>>>>>>>>> <slf4j.version>1.7.*7*</slf4j.version>
> > > >> > >>>>>>>>>> <slf4j16.version>1.6.*4*</slf4j16.version>
> > > >> > >>>>>>>>>> <snappy.version>1.1.7.*2*</snappy.version>
> > > >> > >>>>>>>>>> <spark.hadoop.version>2.6.*5*</spark.hadoop.version>
> > > >> > >>>>>>>>>> <spark.version>2.3.*0*</spark.version>
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>
> <spring.data.version>1.13.*14*.RELEASE</spring.data.version>
> > > >> > >>>>>>>> <!--
> > > >> > >>>>>>>>>> don't forget to update spring version -->
> > > >> > >>>>>>>>>> <spring.version>4.3.*18*.RELEASE</spring.version><!--
> > > >> > >>>>> don't
> > > >> > >>>>>>>>> forget
> > > >> > >>>>>>>>>> to update spring-data version -->
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>
> > > >> > >>>
> <spring.data-2.0.version>2.0.*9*.RELEASE</spring.data-2.0.version>
> > > >> > >>>>>>>>>> <!-- don't forget to update spring-5.0 version -->
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>
> <spring-5.0.version>5.0.*8*.RELEASE</spring-5.0.version><!--
> > > >> > >>>>>>>>> don't
> > > >> > >>>>>>>>>> forget to update spring-data-2.0 version -->
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>> All these libraries have maintenance release (such as
> our
> > > >> > >>>>> 2.7.*6*)
> > > >> > >>>>>> and
> > > >> > >>>>>>>> I
> > > >> > >>>>>>>>>> think it would be beneficial to upgrade these
> dependencies
> > > >> > >>> to the
> > > >> > >>>>>>>> latest
> > > >> > >>>>>>>>>> maintenance version found in Maven Central.
> > > >> > >>>>>>>>>> For example, there is spring.data-2.0 2.0.*14*.RELEASE.
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>> Regards,
> > > >> > >>>>>>>>>> --
> > > >> > >>>>>>>>>> Ilya Kasnacheev
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>> чт, 26 дек. 2019 г. в 19:32, Denis Magda <
> > > dmagda@apache.org
> > > >> > >>>> :
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>>> A huge +1 for adding Spring Data related
> > > >> > >>> fixes/improvements.
> > > >> > >>>>>> Ilya is
> > > >> > >>>>>>>>>> right
> > > >> > >>>>>>>>>>> that Spring Data related questions sparked last time
> due
> > > to
> > > >> > >>>>>> missing
> > > >> > >>>>>>>>>> support
> > > >> > >>>>>>>>>>> of 2.2 version.
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>> Ilya, could you elaborate on what you mean under
> "bumping
> > > >> > >>> the
> > > >> > >>>>>>>>> versions"?
> > > >> > >>>>>>>>>> Do
> > > >> > >>>>>>>>>>> you suggest performing a straightforward upgrade of
> > > >> > >>>>>>>>> "ignite-spring-data"
> > > >> > >>>>>>>>>> to
> > > >> > >>>>>>>>>>> version 2.2 and introducing
> > > >> > >>> "ignite-spring-data-{old-version"}
> > > >> > >>>>>> for
> > > >> > >>>>>>>> the
> > > >> > >>>>>>>>>>> previous versions? If it's so, I fully agree with the
> > > >> > >>> proposal.
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>> -
> > > >> > >>>>>>>>>>> Denis
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>> On Thu, Dec 26, 2019 at 4:52 AM Ilya Kasnacheev <
> > > >> > >>>>>>>>>>  ilya.kasnacheev@gmail.com
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>> wrote:
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>>> Hello!
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> I propose to add the following ticket to the scope:
> > > >> > >>>>>>>>>>>>  https://issues.apache.org/jira/browse/IGNITE-12259
> (3
> > > >> > >>>>>> commits, be
> > > >> > >>>>>>>>>>> careful
> > > >> > >>>>>>>>>>>> with release version)
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> Adding tickets to scope surely seems crazy now, but I
> > > >> > >>> will
> > > >> > >>>>>> provide
> > > >> > >>>>>>>>> the
> > > >> > >>>>>>>>>>>> following considerations:
> > > >> > >>>>>>>>>>>> * This is Spring Data 2.2 integration, which we
> > > >> > >>> currently do
> > > >> > >>>>>> not
> > > >> > >>>>>>>>> have,
> > > >> > >>>>>>>>>>>> leading to lots of confused questions on stack
> overflow
> > > >> > >>> and
> > > >> > >>>>>> mailing
> > > >> > >>>>>>>>>> list.
> > > >> > >>>>>>>>>>>> Spring Data is important to our public image since
> many
> > > >> > >>>>> people
> > > >> > >>>>>> may
> > > >> > >>>>>>>>>> learn
> > > >> > >>>>>>>>>>>> about out project by starting with Spring Data.
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> * It has zero code impact outside of its own module
> > > >> > >>> (just 2
> > > >> > >>>>> POM
> > > >> > >>>>>>>> file
> > > >> > >>>>>>>>>>>> touched and that's all).
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> * The core was ready since early November but, due to
> > > >> > >>> gmail
> > > >> > >>>>>> quirk,
> > > >> > >>>>>>>> we
> > > >> > >>>>>>>>>> did
> > > >> > >>>>>>>>>>>> not react to it in time.
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> WDYT?
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> Another semi-related question. *Should we bump our
> > > >> > >>>>>> dependencies'
> > > >> > >>>>>>>>>> versions
> > > >> > >>>>>>>>>>>> before releasing 2.8?* I talk mainly about spring and
> > > >> > >>>>> hibernate
> > > >> > >>>>>>>>>>>> dependencies. We could switch them to their latest
> > > >> > >>>>> maintenance
> > > >> > >>>>>>>>> versions
> > > >> > >>>>>>>>>>> to
> > > >> > >>>>>>>>>>>> avoid shipping default links to outdated packages.
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> I think this is one of things that are very hard to
> do
> > > >> > >>>>> between
> > > >> > >>>>>>>>>> releases,
> > > >> > >>>>>>>>>>> so
> > > >> > >>>>>>>>>>>> I think this dependencies bumping should be a part
> of a
> > > >> > >>>>> formal
> > > >> > >>>>>>>>>>>> release/testing cycle, and then be backported to
> master.
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> I could volunteer to do that myself, if we agree to
> merge
> > > >> > >>>>> these
> > > >> > >>>>>>>>> version
> > > >> > >>>>>>>>>>>> upgrades to ignite-2.8 and then re-test.
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> Regards,
> > > >> > >>>>>>>>>>>> --
> > > >> > >>>>>>>>>>>> Ilya Kasnacheev
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>> вт, 24 дек. 2019 г. в 13:22, Zhenya Stanilovsky
> > > >> > >>>>>>>>>>> <  arzamas123@mail.ru.invalid
> > > >> > >>>>>>>>>>>>> :
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> Igniters, i`l try to compare 2.8 release candidate
> vs
> > > >> > >>>>> 2.7.6,
> > > >> > >>>>>>>>>>>>> last sha 2.8 was build from : 9d114f3137f92aebc2562a
> > > >> > >>>>>>>>>>>>> i use yardstick benchmarks, 4 bare machine with: 2x
> > > >> > >>> Xeon
> > > >> > >>>>>> X5570
> > > >> > >>>>>>>>> 96Gb
> > > >> > >>>>>>>>>>>> 512GB
> > > >> > >>>>>>>>>>>>> SSD 2048GB HDD 10GB/s
> > > >> > >>>>>>>>>>>>> 1 for client (driver) and 3 for servers.
> > > >> > >>>>>>>>>>>>> this mappings for graphs and real yardstick tests:
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> atomic-put: IgnitePutBenchmark
> > > >> > >>>>>>>>>>>>> sql-merge-query: IgniteSqlMergeQueryBenchmark
> > > >> > >>>>>>>>>>>>> atomic-get: IgniteGetBenchmark
> > > >> > >>>>>>>>>>>>> tx-get: IgniteGetTxBenchmark
> > > >> > >>>>>>>>>>>>> tx-put: IgnitePutTxBenchmark
> > > >> > >>>>>>>>>>>>> atomic-put-all-bs-10: IgnitePutAllBenchmark
> > > >> > >>>>>>>>>>>>> tx-put-all-bs-10: IgnitePutAllTxBenchmark
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> cacheMode — partitioned
> > > >> > >>>>>>>>>>>>> CacheWriteSynchronizationMode.FULL_SYNC
> > > >> > >>>>>>>>>>>>> 1 backup
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> 1. wal = log_only 2. wal = none 3. persistence
> > > >> > >>> disabled.
> > > >> > >>>>>>>>>>>>> Thanks Maxim for wiki page [1]
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> [1]
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> >
> > >
> https://cwiki.apache.org/confluence/display/IGNITE/Apache+Ignite+2.8#ApacheIgnite2.8-Benchmarks
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>> do we need some bisect or other work here ?
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> ------- Forwarded message -------
> > > >> > >>>>>>>>>>>>>> From: "Maxim Muzafarov" <  mmuzaf@apache.org >
> > > >> > >>>>>>>>>>>>>> To:  dev@ignite.apache.org
> > > >> > >>>>>>>>>>>>>> Cc:
> > > >> > >>>>>>>>>>>>>> Subject: Apache Ignite 2.8 RELEASE [Time, Scope,
> > > >> > >>> Manager]
> > > >> > >>>>>>>>>>>>>> Date: Fri, 20 Sep 2019 14:44:31 +0300
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> Igniters,
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> It's almost a year has passed since the last major
> > > >> > >>> Apache
> > > >> > >>>>>> Ignite
> > > >> > >>>>>>>>> 2.7
> > > >> > >>>>>>>>>>>>>> has been released. We've accumulated a lot of
> > > >> > >>> performance
> > > >> > >>>>>>>>>> improvements
> > > >> > >>>>>>>>>>>>>> and a lot of new features which are waiting for
> their
> > > >> > >>>>>> release
> > > >> > >>>>>>>>> date.
> > > >> > >>>>>>>>>>>>>> Here is my list of the most interesting things
> from my
> > > >> > >>>>> point
> > > >> > >>>>>>>> since
> > > >> > >>>>>>>>>> the
> > > >> > >>>>>>>>>>>>>> last major release:
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> Service Grid,
> > > >> > >>>>>>>>>>>>>> Monitoring,
> > > >> > >>>>>>>>>>>>>> Recovery Read
> > > >> > >>>>>>>>>>>>>> BLT auto-adjust,
> > > >> > >>>>>>>>>>>>>> PDS compression,
> > > >> > >>>>>>>>>>>>>> WAL page compression,
> > > >> > >>>>>>>>>>>>>> Thin client: best effort affinity,
> > > >> > >>>>>>>>>>>>>> Thin client: transactions support (not yet)
> > > >> > >>>>>>>>>>>>>> SQL query history
> > > >> > >>>>>>>>>>>>>> SQL statistics
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> I think we should no longer wait and freeze the
> master
> > > >> > >>>>>> branch
> > > >> > >>>>>>>>>> anymore
> > > >> > >>>>>>>>>>>>>> and prepare the next major release by the end of
> the
> > > >> > >>> year.
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> I propose to discuss Time, Scope of Apache Ignite
> 2.8
> > > >> > >>>>>> release
> > > >> > >>>>>>>> and
> > > >> > >>>>>>>>>> also
> > > >> > >>>>>>>>>>>>>> I want to propose myself to be the release manager
> of
> > > >> > >>> the
> > > >> > >>>>>>>> planning
> > > >> > >>>>>>>>>>>>>> release.
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> Scope Freeze: November 4, 2019
> > > >> > >>>>>>>>>>>>>> Code Freeze: November 18, 2019
> > > >> > >>>>>>>>>>>>>> Voting Date: December 10, 2019
> > > >> > >>>>>>>>>>>>>> Release Date: December 17, 2019
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>> WDYT?
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>>
> > > >> > >>>>>>>>>>>>
> > > >> > >>>>>>>>>>>
> > > >> > >>>>>>>>>>
> > > >> > >>>>>>>>>
> > > >> > >>>>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>>
> > > >> > >>>>>> --
> > > >> > >>>>>> Best regards,
> > > >> > >>>>>> Ivan Pavlukhin
> > > >> > >>>>>>
> > > >> > >>>>>
> > > >> > >>>
> > > >> > >>
> > > >> > >>
> > > >> > >> --
> > > >> > >> BR, Sergey Antonov
> > > >> > >
> > > >> >
> > > >> >
> > > >> >
> > > >> >
> > > >
> > > >
> > > >--
> > > >Best regards,
> > > >Ivan Pavlukhin
> > > >
> > >
> > >
> > >
> > >
> >
> >
> >
> > --
> > BR, Sergey Antonov
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message