The Apache Software Foundation Blog

Friday July 27, 2018

The Apache News Round-up: week ending 27 July 2018

Farewell, July! Let's check out the Apache community's activities from the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 August. Board calendar and minutes

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Registration for ApacheCon North America/Montreal is open
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Media and Community Partner opportunities available for *all* official Apache events: drop us a note at to help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield zippity performance at 93.91% uptime.

ASF Operations Factoid –this week, 506 Apache contributors changed 968,003 lines of code over 3,133 commits. Top 5 contributors, in order, are: Tellier Benoit, Karl Heinz Marbaise, Andrea Cosentino, Roberto Cortez, and Gary Gregory.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable Big Data storage and retrieval.
 - Apache Accumulo 1.9.2 released

Apache Calcite™ –a framework for writing Big Data management systems.
 - Apache Calcite 1.17.0 released

Apache Directory™ Fortress –computer security access management facility written in Java.
 - Apache Fortress 2.0.1 released

Apache HBase™ –Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.1.0 released

Apache HttpComponents™ HttpAsyncClient–a library for client-side HTTP communication built on HttpCore.
 - HttpComponents HttpAsyncClient 4.1.4 GA released

Apache Kafka™ –distributed, fault tolerant, publish-subscribe messaging.
 - CVE-2017-12610: Authenticated Kafka clients may impersonate other users
 - CVE-2018-1288: Authenticated Kafka clients may interfere with data replication

Apache OpenWhisk (incubating) –distributed serverless computing platform.
 - CVE-2018-11756 PHP Runtime for Apache OpenWhisk
 - CVE-2018-11757 Docker Skeleton Runtime for Apache OpenWhisk

Apache Qpid™ –messaging tools that speak AMQP and support many languages and platforms.
 - Apache Qpid JMS 0.35.0 released

Apache Tomcat™ –an Open Source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
 - CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response
 - CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates
 - CVE-2018-1336 Apache Tomcat - Denial of Service
 - CVE-2018-8037 Apache Tomcat - Information Disclosure
 - CVE-2018-8034 Apache Tomcat - Security Constraint Bypass

Did You Know?

 - Did you know that you can easily help promote ApacheCon?

 - Did you know that you can achieve Machine Learning on SQL by using Apache Hivemall (incubating) on Apache Hive or Apache Spark?

 - Did you know that the highest code contribution value during FY2018 was by Apache Mynewt? $61,769,063 worth of code!

Apache Community Notices:

 - ASF Annual Report for FY2018

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way"

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner

 - The Apache Software Foundation 2018 Vision Statement

 - Apache in 2017 - By The Digits

 - Foundation Statement –Apache Is Open.

 - "Success at Apache" focuses on the processes behind why the ASF "just works".

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at

 - Do friend and follow us on the Apache Community Facebook page Twitter account

 - The list of Apache project-related MeetUps can be found at

 - ApacheCon North America will be held 24-27 September in Montreal

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more!

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos

= = =

For real-time updates, sign up for Apache-related news by sending mail to and follow @TheASF on Twitter. For a broader spectrum from the Apache community, provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #



Hot Blogs (today's hits)

Tag Cloud