Conversation
tiagomlalves
left a comment
tiagomlalves
left a comment
There was a problem hiding this comment.
Non-blocking comments that can be later fixed if needed.
DSE_6.9_Release_Notes.md
Outdated
| If you're developing applications, please refer to the [Java Driver documentation](https://docs.datastax.com/en/driver-matrix/doc/java-drivers.html) to choose an appropriate version. | ||
|
|
||
| ## 6.9.10 DSE Core | ||
| * Updated the Java Development Kit (JDK) versions to `8u452` and `11.0.27`. These JDKs help build and test DSE, and are available in DSE Docker images. The following exceptions for DSE UBI images apply:. (DSP-24710) |
There was a problem hiding this comment.
@emerkle826 and @rh-datastax there's missing text here. Reasoning is that when we generate the release notes, we consider only a single paragraph and any newline and others get ignored. Can we rework the template to ensure automatic generation can still be done?
There was a problem hiding this comment.
@rh-datastax foudn the same issue in the 6.8.58 release notes. I'll manually update it this time, but maybe we need to adjust the Jira template so that there is a RN field for this tool only, and an additional field for more details that we want to track, but not generate in the Release Notes?
There was a problem hiding this comment.
@emerkle826 & @tiagomlalves - Sounds like a good idea. Do you know who owns the templates?
emerkle826
force-pushed
the
dse-6.9.10-release
branch
from
e50b616 to
a3c8ee0
Compare
rh-datastax
left a comment
rh-datastax
left a comment
There was a problem hiding this comment.
Small fixes, otherwise LGTM.
DSE_6.9_Release_Notes.md
Outdated
| * Removed non-supported Java 8 configuration files. (DSP-24845) | ||
|
|
||
| ## 6.9.10 DSE CVE | ||
| * Upgraded the `net.minidev:json-smart` Java JSON parser package to version `2.5.2` to resolve a Denial of Service (DoS) vulnerability. (DSP-24851, [CVE-2024-57699](https://nvd.nist.gov/vuln/detail/CVE-2024-57699)) |
There was a problem hiding this comment.
| * Upgraded the `net.minidev:json-smart` Java JSON parser package to version `2.5.2` to resolve a Denial of Service (DoS) vulnerability. (DSP-24851, [CVE-2024-57699](https://nvd.nist.gov/vuln/detail/CVE-2024-57699)) | |
| * Upgraded the `net.minidev:json-smart` Java JSON parser package to version `2.5.2`. (DSP-24851, [CVE-2024-57699](https://nvd.nist.gov/vuln/detail/CVE-2024-57699)) |
DSE_6.9_Release_Notes.md
Outdated
| * Upgraded the Apache Commons BeanUtils library to version `1.11.0` to resolve a vulnerability. (DSP-24857, [CVE-2025-48734](https://nvd.nist.gov/vuln/detail/CVE-2025-48734)) | ||
| * Upgraded Netty to version `4.1.119.1.dse`, which is based on version `4.1.119.Final`. (DSP-24850, [CVE-2025-24970](https://nvd.nist.gov/vuln/detail/CVE-2025-24970)) | ||
| * Upgraded the protocol buffers (protobuf) to version `4.29.4` to support DSE core workloads. (DSP-24853, [CVE-2024-7254](https://nvd.nist.gov/vuln/detail/CVE-2024-7254)) | ||
| * Added a fix for [HADOOP-19031|https://issues.apache.org/jira/browse/HADOOP-19031] into the DSE Hadoop software codebase. (DSP-24859, [CVE-2024-23454](https://nvd.nist.gov/vuln/detail/CVE-2024-23454)) |
There was a problem hiding this comment.
| * Added a fix for [HADOOP-19031|https://issues.apache.org/jira/browse/HADOOP-19031] into the DSE Hadoop software codebase. (DSP-24859, [CVE-2024-23454](https://nvd.nist.gov/vuln/detail/CVE-2024-23454)) | |
| * Added a fix for [HADOOP-19031](https://issues.apache.org/jira/browse/HADOOP-19031) into the DSE Hadoop software codebase. (DSP-24859, [CVE-2024-23454](https://nvd.nist.gov/vuln/detail/CVE-2024-23454)) |
There was a problem hiding this comment.
Thanks again on this, I should have figured it would be the same as with 6.8.58
emerkle826
force-pushed
the
dse-6.9.10-release
branch
from
a3c8ee0 to
8bd890d
Compare
| **NOTE**: above-listed DSE Java Driver is an _internal-version_ only. | ||
| If you're developing applications, please refer to the [Java Driver documentation](https://docs.datastax.com/en/driver-matrix/doc/java-drivers.html) to choose an appropriate version. | ||
|
|
||
| ## 6.8.58 DSE Core |
There was a problem hiding this comment.
@emerkle826 need to replace 6.8.38 reference here with 6.9.10
4 participants
Release Notes Automation
If you name your pull-request as "Product x.y.z Release ...", after merging the
PR, a GitHub Action will automatically create a product version tag "product-x.y.z".
Supported product names are:
Version supports 3 sets or 4 sets of digits.