I verified all the signatures, built from the source, set up a pseudo
cluster, and ran a few sample jobs. Everything worked as expected.
I also manually inspected the code and ran the new unit test to exercise
the security issue identified in CVE-2012-3376. I can confirm that
2.0.1-alpha addresses this issue.
Aaron T. Myers
Software Engineer, Cloudera
On Wed, Jul 18, 2012 at 3:20 PM, Arun C Murthy <[EMAIL PROTECTED]> wrote:
> I've created a release candidate (rc0) for hadoop-2.0.1-alpha that I would
> like to release. This release is a bug-fix release which contains critical
> security fixes including CVE-2012-3376.
> It is available at:
> The maven artifacts are available via repository.apache.org.
> Please try the release and vote; the vote will run for the usual 7 days.