The Apache Software Foundation Blog
The Apache News Round-up: week ending 9 November 2018
Happy Friday to all! Let's review what the Apache community has been up to this week:
Success at Apache –a monthly blog series that focuses on the processes behind why the ASF "just works".
- Success at Apache: Wearing Small Hats by Rich Bowen https://s.apache.org/TGuO
ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
- Next Board Meeting: 21 November. Board calendar and minutes http://apache.org/foundation/board/calendar.html
ApacheCon™ –the ASF's official global conference series, now in its 20th year.
- REGISTER for Apache Roadshow DC and free Open Source Job Fair http://www.apachecon.com/usroadshow18/
ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield cracking performance at 98.68% uptime. http://status.apache.org/
Apache Code Snapshot –this week, 514 Apache contributors changed 1,106,696 lines of code over 3,154 commits. Top 5 contributors, in order, are: Gary Gregory, Julian Reschke, Andrea Cosentino, Qian Zhang, and Ash Berlin-Taylor.
Apache Hive™ –Big Data warehouse software that facilitates querying and managing large datasets residing in distributed storage.
- Apache Hive 2.3.4 released https://hive.apache.org/
- [SECURITY] CVE-2018-1314: Hive explain query not being authorized http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCABDpyChoSC%2BO_whkL_7Zh4ZMiXf7qmWpKoa-hep0dS6MTnJYJA%40mail.gmail.com%3E
- [SECURITY] CVE-2018-11777: Blocking local resource access in HiveServer2 http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCABDpyCjx%2BGpPvEW1mreZPnqCmqBYmAVk3s5NUx4ZGnQKcj7aGg%40mail.gmail.com%3E
Apache Jackrabbit™ –a fully compliant implementation of the Content Repository for Java(TM) Technology API, version 2.0 (JCR 2.0) as specified in the Java Specification Request 283 (JSR 283).
- Apache Jackrabbit 2.12.10 and Jackrabbit Oak 1.9.10 released http://jackrabbit.apache.org/
Apache Kylin™ –an Open Source Distributed Analytics Engine designed to provide SQL interface and multi-dimensional analysis (OLAP) on Apache Hadoop, supporting extremely large datasets.
- Apache Kylin 2.5.1 released https://kylin.apache.org/
Apache Struts™ –an elegant, extensible framework for creating enterprise-ready Java Web applications.
- [SECURITY] Immediately upgrade commons-fileupload to version 1.3.1 when running Struts 2.3.36 http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMgZiJ%2BZkT1HmkQt94q7-bzNWnZm0Td9vq589vz5YM%3DMw%40mail.gmail.com%3E
- [SECURITY] Immediately upgrade commons-fileupload to version 1.3.3 when running Struts 2.3.36 or prior http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3CCAMopvkMo8WiP%3DfqVQuZ1Fyx%3D6CGz0Epzfe0gG5XAqP1wdJCoBQ%40mail.gmail.com%3E
Apache Syncope™ –an Open Source system for managing digital identities in enterprise environments, implemented in Java EE technology.
- Apache Syncope 2.0.11 and 2.1.2 released http://syncope.apache.org/
- [SECURITY] CVE-2018-17184 Apache Syncope http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3Ccf9fdd28-aba5-f586-01c0-d37beb50008a%40apache.org%3E
- [SECURITY] CVE-2018-17186 Apache Syncope http://mail-archives.apache.org/mod_mbox/www-announce/201811.mbox/%3Cb1bdfd0b-2151-cafd-d5c9-425de23311f4%40apache.org%3E
Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies.
- Apache Tomcat 8.5.35 and 9.0.13 released http://tomcat.apache.org/
Did You Know?
- Did you know that the following Apache projects are celebrating anniversaries? Many happy returns to Apache Ant (16 years); Labs (12 years); HttpComponents (11 years); Attic, Buildr, CouchDB, and Qpid (10 years); Community Development (9 years); OODT and ZooKeeper (8 years); Kafka and Sycope (7 years); Ambari and Marmotta (5 years); BookKeeper, Drill, and MetaModel (4 years); Brooklyn, Groovy, Kylin, REEF (3 years); Geode (2 years); Guacamole, Impala, and Mnemonic (1 year)! https://projects.apache.org/committees.html?date
- Did you know that Apache CouchDB is porting a test suite from JS to Elixir is seeking assistance from the Elixir community? http://couchdb.apache.org/
- Did you know that Yelp runs millions of tests every day using Apache Mesos? http://mesos.apache.org/
Apache Community Notices:
- ASF Operations Summary: Q1 FY2019 https://s.apache.org/qiKn
- ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport
- The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3
- Foundation Statement –Apache Is Open. https://s.apache.org/PIRA
- "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache
- Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation
- Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity
- The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html
- CFP now open for Flink Forward China 21-22 December 2018 in Beijing https://china-2018.flink-forward.org/call-for-presentations-submit-talk/
- The Apache Big Data community will be at DataWorks Summit 18-21 March 2019 in Barcelona and 20-23 May 2019 in Washington DC https://dataworkssummit.com/
- Future dates for Spark + AI Summit 2019 announced: 23-25 April/San Francisco and 15-17 October/Amsterdam https://databricks.com/sparkaisummit/
- Block your calendars for ApacheCon North America: taking place in September 2019; announcing dates and details soon. http://apachecon.com/
- Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/
# # #
Posted at 03:24PM Nov 09, 2018 by Sally in Newsletter | |