apache · Apache9 · Jun 2, 2021 · Jun 2, 2021
diff --git a/CHANGES.md b/CHANGES.md
@@ -32,11 +32,36 @@ The 'pwd' argument says where the thirdparty files to edit are and the
 last argument is the version to search JIRA with.
 
 DO NOT REMOVE THIS MARKER; FOR INTERPOLATING CHANGES!-->
-## Release hbase-thirdparty-3.5.1-stack3 - Unreleased (as of Wed Jun  2 01:22:56 UTC 2021)
-No changes
+# HBASE Changelog
+
+## Release thirdparty-3.5.1 - Unreleased (as of 2021-06-02)
+
+
+
+### BUG FIXES:
+
+| JIRA | Summary | Priority | Component |
+|:---- |:---- | :--- |:---- |
+| [HBASE-25959](https://issues.apache.org/jira/browse/HBASE-25959) | Relocate libnetty\_transport\_native\_epoll\_aarch\_64.so in hbase-thirdparty |  Minor | hbase-thirdparty |
+| [HBASE-25746](https://issues.apache.org/jira/browse/HBASE-25746) | [hbase-thirdparty] Update jetty to \>= 9.4.39 due to CVE-2021-28165 |  Major | thirdparty |
+| [HBASE-25728](https://issues.apache.org/jira/browse/HBASE-25728) | [hbase-thirdparty] Upgrade Netty library to \>= 4.1.60 due to security vulnerability CVE-2021-21295 |  Major | thirdparty |
+
+
+### SUB-TASKS:
+
+| JIRA | Summary | Priority | Component |
+|:---- |:---- | :--- |:---- |
+| [HBASE-25946](https://issues.apache.org/jira/browse/HBASE-25946) | [hbase-thirdparty] Generate CHANGES.md and RELEASENOTES.md for 3.5.1 |  Major | thirdparty |
+| [HBASE-25945](https://issues.apache.org/jira/browse/HBASE-25945) | [hbase-thirdparty] Set version as 3.5.1 in prep for first RC |  Major | thirdparty |
+
+
+### OTHER:
+
+| JIRA | Summary | Priority | Component |
+|:---- |:---- | :--- |:---- |
+| [HBASE-25943](https://issues.apache.org/jira/browse/HBASE-25943) | [hbase-thirdparty] Bump dependencis in hbase-thirdparty |  Major | dependencies, thirdparty |
+| [HBASE-25855](https://issues.apache.org/jira/browse/HBASE-25855) | [hbase-thirdparty] Fix typo in jersey relocation path |  Minor | hbase-thirdparty |
 
-## Release hbase-thirdparty-3.5.1-stack - Unreleased (as of Tue Jun  1 16:48:15 PDT 2021)
-No changes
 
 ## Release hbase-thirdparty-3.5.0 - Unreleased (as of 2021-02-09)
 

diff --git a/RELEASENOTES.md b/RELEASENOTES.md
@@ -20,11 +20,38 @@
 # Be careful doing manual edits in this file. Do not change format
 # of release header or remove the below marker. This file is generated.
 # DO NOT REMOVE THIS MARKER; FOR INTERPOLATING CHANGES!-->
-# hbase hbase-thirdparty-3.5.1-stack3 Release Notes
-No changes
+# HBASE  thirdparty-3.5.1 Release Notes
+
+These release notes cover new developer and user-facing incompatibilities, important issues, features, and major improvements.
+
+
+---
+
+* [HBASE-25943](https://issues.apache.org/jira/browse/HBASE-25943) | *Major* | **[hbase-thirdparty] Bump dependencis in hbase-thirdparty**
+
+protobuf 3.13.0 =\> 3.17.1
+netty 4.1.63.Final =\> 4.1.65.Final
+guava 30.0-jre =\> 30.1.1-jre
+error\_prone\_annotations 2.3.4 =\> 2.7.1
+jetty 9.4.39.v20210325 =\> 9.4.41.v20210516
+
+
+---
+
+* [HBASE-25855](https://issues.apache.org/jira/browse/HBASE-25855) | *Minor* | **[hbase-thirdparty] Fix typo in jersey relocation path**
+
+We have a typo in our jersey relocation path, where we use 'jersery' instead of 'jersey'.
+
+This is a minor change, but indeed an incompatible change. But since hbase-thirdparty is only used by hbase, it is not a big problem for end users. We will update the thridparty dependency for all active branches.
+
+
+---
+
+* [HBASE-25728](https://issues.apache.org/jira/browse/HBASE-25728) | *Major* | **[hbase-thirdparty] Upgrade Netty library to \>= 4.1.60 due to security vulnerability CVE-2021-21295**
+
+Netty is upgrade to 4.1.63.Final due to security vulnerability CVE-2021-21295.
+
 
-# hbase hbase-thirdparty-3.5.1-stack Release Notes
-No changes
 
 # HBASE  hbase-thirdparty-3.5.0 Release Notes