The Apache Software Foundation Blog

Friday November 09, 2018

The Apache News Round-up: week ending 9 November 2018

Happy Friday to all! Let's review what the Apache community has been up to this week:

Success at Apache –a monthly blog series that focuses on the processes behind why the ASF "just works".
 - Success at Apache: Wearing Small Hats by Rich Bowen https://s.apache.org/TGuO

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 21 November. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series, now in its 20th year.
 - REGISTER for Apache Roadshow DC and free Open Source Job Fair http://www.apachecon.com/usroadshow18/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield cracking performance at 98.68% uptime. http://status.apache.org/

Apache Code Snapshot –this week, 514 Apache contributors changed 1,106,696 lines of code over 3,154 commits. Top 5 contributors, in order, are: Gary Gregory, Julian Reschke, Andrea Cosentino, Qian Zhang, and Ash Berlin-Taylor.

Apache Hive™ –Big Data warehouse software that facilitates querying and managing large datasets residing in distributed storage.
 - Apache Hive 2.3.4 released https://hive.apache.org/
 - [SECURITY] CVE-2018-1314: Hive explain query not being authorized http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCABDpyChoSC%2BO_whkL_7Zh4ZMiXf7qmWpKoa-hep0dS6MTnJYJA%40mail.gmail.com%3E
 - [SECURITY] CVE-2018-11777: Blocking local resource access in HiveServer2 http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCABDpyCjx%2BGpPvEW1mreZPnqCmqBYmAVk3s5NUx4ZGnQKcj7aGg%40mail.gmail.com%3E

Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
 - Apache Jackrabbit 2.12.10 and Jackrabbit Oak 1.9.10 released http://jackrabbit.apache.org/

Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
 - Apache Kylin 2.5.1 released https://kylin.apache.org/

Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
 - [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36 http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMgZiJ%2BZkT1HmkQt94q7-bzNWnZm0Td9vq589vz5YM%3DMw%40mail.gmail.com%3E
 - [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMo8WiP%3DfqVQuZ1Fyx%3D6CGz0Epzfe0gG5XAqP1wdJCoBQ%40mail.gmail.com%3E

Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
 - Apache Syncope 2.0.11 and 2.1.2 released http://syncope.apache.org/
 - [SECURITY] CVE-2018-17184 Apache Syncope http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3Ccf9fdd28-aba5-f586-01c0-d37beb50008a%40apache.org%3E
 - [SECURITY] CVE-2018-17186 Apache Syncope http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3Cb1bdfd0b-2151-cafd-d5c9-425de23311f4%40apache.org%3E

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
 - Apache Tomcat 8.5.35 and 9.0.13 released http://tomcat.apache.org/

Did You Know?

 - Did you know that the following Apache projects are celebrating anniversaries? Many happy returns to Apache Ant (16 years); Labs (12 years); HttpComponents (11 years); Attic, Buildr, CouchDB, and Qpid (10 years); Community Development (9 years); OODT and ZooKeeper (8 years); Kafka and Sycope (7 years); Ambari and Marmotta (5 years); BookKeeper, Drill, and MetaModel (4 years); Brooklyn, Groovy, Kylin, REEF (3 years); Geode (2 years); Guacamole, Impala, and Mnemonic (1 year)! https://projects.apache.org/committees.html?date

 - Did you know that Apache CouchDB is porting a test suite from JS to Elixir is seeking assistance from the Elixir community? http://couchdb.apache.org/

 - Did you know that Yelp runs millions of tests every day using Apache Mesos? http://mesos.apache.org/


Apache Community Notices:

 - ASF Operations Summary: Q1 FY2019 https://s.apache.org/qiKn

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html

 - CFP now open for Flink Forward China 21-22 December 2018 in Beijing https://china-2018.flink-forward.org/call-for-presentations-submit-talk/

 - The Apache Big Data community will be at DataWorks Summit 18-21 March 2019 in Barcelona and 20-23 May 2019 in Washington DC https://dataworkssummit.com/

 - Future dates for Spark + AI Summit 2019 announced: 23-25 April/San Francisco and 15-17 October/Amsterdam https://databricks.com/sparkaisummit/

 - Block your calendars for ApacheCon North America: taking place in September 2019; announcing dates and details soon. http://apachecon.com/

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # # 

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation