The Apache Software Foundation Blog
The Apache Weekly News Round-up: week ending 26 November 2021
We're wrapping up another great week with the following activities from the Apache community:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 15 December 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 99.97%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 303 Apache Committers changed 18,449,074 lines of code over 6,624 commits. Top 5 contributors, in order, are: Krist Wongsuphasawat, Jesse Yang, Ville Brofeldt, Yongjie Zhao, and Harikrishna Patnala.
Apache Project Announcements – the latest updates by category.
APIs --
- Apache APISIX 2.10.2 released
-- CVE-2021-43557: Path traversal in request_uri variable
Big Data --
- Apache Beam 2.34.0 released
- Apache Kafka 2.6.3 released
Content --
- Apache JSPWiki 2.11.0 released
-- CVE-2021-44140: Arbitrary file deletion on logout
-- CVE-2021-40369: Cross-site scripting vulnerability on Denounce plugin
Enterprise Processes Automation / ERP --
- Apache OFBiz 18.12.02 released
Integration --
- Apache Camel 3.11.4 (LTS) released
- Apache Qpid Dispatch 1.18.0 released
Did You Know?
- Did you know that Giving Tuesday, the global day of giving, takes place this year on Tuesday 30 November. Your individual and corporate donations help the all-volunteer ASF continue to steward 350+ Apache Projects and their communities, and provide more than $22B worth of Apache software to the public good at 100% no charge? https://donate.apache.org/
- Did you know that you can learn more about Apache TVM --the ASF's first
full stack software and hardware co-optimization project-- at TVMCon,
taking place online and free-of-charge 15-17 December?
- Did you know that the New Zealand government uses Apache Wicket for its national statistics Website?
Apache Community Notices
- The Apache Month in Review: October 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 03:27PM Nov 29, 2021
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 19 November 2021
Happy Friday, everyone. The Apache community has had another great week. Let's review what we've been up to:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 15 December 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 99.57%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 340 Apache Committers changed 4,175,400 lines of code over 3,102 commits. Top 5 contributors, in order, are: Daniel Gruno, Christofer Dutz, Sebastian Rühl, Sebastian Bazley, and Claus Ibsen.
Apache Project Announcements – the latest updates by category.
Big Data --
- Apache Arrow 6.0.1 released
- Apache Ozone 1.2.0 released
-- CVE-2021-36372: Original block tokens are persisted and can be retrieved
-- CVE-2021-39231: Missing authentication/authorization on internal RPC endpoints
-- CVE-2021-39232: Missing admin check for SCM related admin commands
-- CVE-2021-39233: Container-related datanode operations can be called without authorization
-- CVE-2021-39234: Raw block data can be read bypassing ACL/authorization
-- CVE-2021-39235: Access mode of block tokens are not enforced
-- CVE-2021-39236: Owners of the S3 tokens are not validated
-- CVE-2021-41532: Unauthenticated access to Ozone Recon HTTP endpoints
Business Intelligence --
- Apache Superset CVE-2021-42250: Possible log injection
Cloud Computing --
- Apache CloudStack 4.16.0.0 released
Content --
- Apache Jackrabbit Oak 1.6.22 released
Integration --
- Apache Camel 3.13.0 released
IoT --
- Apache IoTDB 0.12.3 released
Observability --
Programming Languages --
- Apache Groovy 4.0.0-beta-2 released
Search --
- Apache Lucene 8.11.0 released
- Apache Solr 8.11.0 and Operator v0.5.0 released
Servers --
- Apache Tomcat 8.5.73, 9.0.55, 10.0.13, 10.1.0-M7 (alpha) released
- Apache HttpComponents Client 5.1.2 GA released
- Apache Traffic Control: CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops
Web Frameworks --
- Apache Struts 2.5.27 released
Did You Know?
- Did you know that the ASF's Corporate Contribution options include Employee Giving Programs, Volunteer Grants, and Corporate Matching Gifts? End-of-year donations are welcome in any amount --thank you in advance for considering supporting the ASF! https://apache.org/foundation/contributing#support-the-asf-today
- Did you know that Apache Pinot was featured in the Disney comedy film, "Home Sweet Home Alone"? https://twitter.com/ApachePinot/status/1459378780586262528
- Did you know that Apache DolphinScheduler v2.0 is 20x more performant than previous versions? http://dolphinscheduler.apache.org/
Apache Community Notices
- The Apache Month in Review: October 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:32PM Nov 22, 2021
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 12 November 2021
Hello, everyone --let's review the Apache community's activities from over the past week:
Sponsor Success at Apache – the blog series that focuses on the people and processes behind why the ASF "just works", featuring insights and experiences from the perspective of select ASF Sponsors
- "Exploration and Practice of the Apache Way in Tencent" by Mark Shan
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
- Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 99.94%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 352 Apache Committers changed 11,730,654 lines of code over 3,823 commits. Top 5 contributors, in order, are: Krzysztof Kopyściński, Mark Thomas, Andrea Cosentino, Adam Kocoloski, and Tomaž Muraus.
Apache Project Announcements – the latest updates by category.
Big Data --
- Apache NiFi 1.15.0 released
- Apache ShardingSphere 5.0.0 released
Business Intelligence --
- Apache Superset CVE-2021-41972: Credentials leak
Content --
- Apache Jackrabbit 2.20.4 and Jackrabbit Oak 1.8.25 released
- Apache Traffic Control 6.0.1 released and CVE-2021-43350: LDAP filter injection vulnerability in Traffic Ops
Messaging --
- Apache Qpid Proton 0.36.0 released
Did You Know?
- Did you know that the Apache Unomi community will be holding their first Unomi developer MeetUp online and free of charge on 18 November?
- Did you know that the Apache Ignite community are preparing for the vote on v2.12, are redesigning their project Website, and will be kicking off Ignite Summit Cloud Edition 16 November? Catch up on a busy week ahead!
- Did you know that Uber Eats' new real-time exactly-once ad event processing is powered by Apache Flink, Apache Kafka, and Apache Pinot?
Apache Community Notices
- The Apache Month in Review: October 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:46PM Nov 15, 2021
by Sally Khudairi in Newsletter |
|
Sponsor Success at Apache: Exploration and Practice of the Apache Way in Tencent
by Mark Shan, Chairman of Tencent Open Source Alliance and Tencent Cloud Open Source Ecosystem General Manager
The Apache Software Foundation (ASF) manages more than 227 million lines of code, has 206 project management committees, leads more than 350 Apache projects and operates through a merit system, with more than 850 members, 8,100+ committers, and tens of thousands of contributors.
Previously the Apache Group, the ASF has grown to one of the largest open source foundations in the world today. It has built the well-known "Apache Way" through its leadership, sound community, and merit thinking, resulting in a set of schemes that promote the sustainable development of open source communities and guide the practice of open source projects.projects.
Since Tencent Open Source was created 11 years ago, a large number of Tencent engineers have formed a deep connection with the Apache community by participating and contributing to Apache projects. Furthermore, by learning from the Apache Way, Tencent is going through its open source journey.
At ApacheCon@Home 2021, I shared how Tencent thinks, explores, and practices open source according to the Apache Way. Below is a synopsis of this presentation:
The Apache Way's Importance in Community Building
The Apache Way is difficult to define. Although the Apache Way has evolved somewhat over the years, the original intention of "high transparency" has remained unchanged. In Mark Shan’s view, Tencent's learning experience from the Apache Way can be summarized into five main points:
- Everyone has the opportunity to participate and can become a contributor. Contributors can increase their impact and personal growth through their contributions to projects.
- The ASF has a structure that encourages contributions from everyone, regardless of employer. This means that, for example, committer and PMC roles are open to anyone who earns the title. Tencent encourages its engineers to participate in the Apache community actively.
- Understanding and practicing open communication is extremely important. Because open source is the collaboration of a global community, Tencent engineers are able to participate in the Apache open source project through asynchronous collaboration using the mailing list. Code and decision-related communication are open and transparent.
- Reaching consensus when making decisions is strongly encouraged. Consensus can maintain project momentum and productivity. But when a complete consensus is impossible, voting or other coordination is available to arrive at binding decisions.
- The most important point is that the Apache community's motto, "community over code", is often emphasized. Because a healthy community is more important than simply good code. A strong and healthy community can always correct code problems, while an unhealthy community may struggle to maintain the code repository in a sustainable manner. In addition, flexibility is also an integral part of ASF's sustainable open source success.
Tencent's Open Source Way —Inspired by the Apache Way Apache projects and their communities are unique and diverse. In the community-led development process, Apache members formed the Apache Way based on their experience. Many of Tencent's open source practices and results are executed following the model of the Apache Way. After many years of incorporating open source into its culture, Tencent has formed an approach, "open collaboration, open source for good," which reflects Tencent's value and vision, and is honed based on open source best practices. Practicing the Apache Way: Contributing and Donating to open source projects Tencent engineers have been contributing to and helping to lead many ASF projects, including: 1) Big Data Over the past four years, several Tencent engineers helped lead releases for Apache Hadoop 2.8.4 and 2.8.5, Apache Ozone 1.0.0 (Ozone was a sub-project of Apache Hadoop, and became a Top-Level Project in 2020), and Apache Spark 2.3.2. Tencent engineers contributed more than 20 features and optimizations to several versions of Hadoop, and are core contributors in multiple Apache computing and AI frameworks that include Flink, HBase, Hive, MXNet, and Parquet. 2) Middleware In 2019, Tencent donated TubeMQ, its self-developed trillion-level big data component, to the ASF through the Apache Incubator. In 2021 the project officially changed its name to Apache InLong, as part of its incubation process. Tencent Applications based on Apache Projects
In addition to self-developed tools, Tencent widely uses ASF open source projects in its various business systems, with particular focus in big data, API gateways, and observability. As one of the largest daily real-time computing companies, Tencent’s overall big data platform exceeds 5 million cores, and must support single-day access message volume exceeding 55 trillion, real-time computing volume exceeding 65 trillion, and daily analysis tasks reaching 15 million.
More than two dozen Apache projects are used in applications like WeChat, QQ, and Tencent Cloud. These big data projects are used for data transmission, storage, computing, and analysis demand scenarios, supported by other technical fields of service governance that include API gateways and observability.
For big data, Apache Ozone is one of the key projects that provides support for Tencent's business scenarios that require large amounts of data and traffic. As early adopters, Tencent's big data platform deployed an Ozone cluster with more than 1,000 nodes as the back-end storage for big data applications and also uses Ozone as the main storage solution for some private data warehouse projects.
Today, Tencent is connecting more and more businesses to Ozone, including data warehouses, machine learning platforms, Kubernetes cluster mounting volume, and more. Ozone helps Tencent operate stably, steadily, and at scale: of more than a thousand units without manual operation and maintenance intervention. In the process of verification and improvement, Tencent has done a lot of optimization work to improve performance and stability.
In addition, Apache Pulsar integrates messaging, storage and functional computing, and it adopts an architecture that separates storage and computing. Pulsar has successfully supported a large number of data and traffic business scenarios within Tencent Cloud and has some practical experience in cloud native environments, such as solving rapid and dynamic expansion and contraction, improving the utilization of cluster resources, and cluster forms.
For API Gateways, Apache APISIX offers high performance, a friendly developer experience, and rich plug-in capabilities, which is why Tencent's internal business chose it. Using APISIX, Tencent internally shares its self-developed cloud system components to solve business pain points and provide efficient API gateway services; externally, Tencent engineers contribute to the Apache APISIX open source community, expanding its influence, and leads the development of the open source community.
For Observability, Apache SkyWalking's application in Tencent's internal observable platform provides great convenience for selecting client tracing reporting of the microservices system, as well as the mechanism of computing storage separation and multi-layer query to provide very excellent performance output.
Building Tencent Open Source with 3 Major Projects
In addition to sponsoring the ASF at the Platinum level, Tencent is currently active in more than 10 foundations worldwide as a top member, including the Linux Foundation and the CNCF Foundation. Tencent is actively involved with open source communities such as Kubernetes, Spring Cloud, MariaDB, and it is also promoting the implementation of open source projects, products and solutions.
Foundations provide intellectual property management framework, code repositories, issue tracking, technical guidance, project governance, financial and public relations, and other services. By participating in these foundations, Tencent has learned many more mature open source organizational governance models and used them to guide the process to open source its internal projects to the world.
Tencent has open sourced more than 130 independent cloud native, big data, artificial intelligence, database, and other projects to the world. These projects obtained more than 370,000 GitHub Stars, and have exceeded 2,000 contributors.
By open sourcing projects across internal departments and to the world, actively collaborating with developers and communities around the world, and training open source talents, Tencent's open source ecosystem continuously improves and grows.
Tencent Cloud’s future will focus on further strengthening the construction of Tencent's open source ecosystem through three major projects:
1) WeOpen: Tencent Open Source community
Tencent Cloud aims to build WeOpen, a platform for open source communication, promotion, and project incubation.
WeOpen is committed to connecting enthusiasts, practitioners, and leaders with global open source foundations to initiate new projects, co-create communities, and hold activities that extend open source culture and inspire the global open source ecosystem to flourish.
2) Establish an industry open source joint laboratory
The open source laboratory is the landing place for the actual projects. Tencent Cloud plans to successively establish industry joint open source laboratories with well-known Chinese universities and open source organizations to provide a platform for students, researchers, and developers in the enterprise to contribute code and scenarios for open source projects to realize in the industry.
Starting with the "Rhino Bird Open Source Talent Cultivation Plan" held by Tencent this year, open source courses and practice training programs for college students help popularize open source culture, encourage contributions, and further the open source talent ecosystem.
3) Release "Cloud Native Open Source White Paper"
At the Cloud Native Industry Conference last May, Tencent Cloud and China's Institute of Information and Communications Technology announced the official preparation of the Cloud Native Open Source White Paper, which is expected to be released by the end of the year.
Tencent welcomes open source practitioners and companies to join their efforts in the above projects.
Conclusion
For more than 22 years, the ASF has proven that the Apache Way is one of the best practices for building an open organization that balances organizational structure and flexibility. Tencent continues to expand its own open source concepts, methodology, and ecosystem building, with plans to participate in more universities, companies, and organizations, while embracing the Apache Way into the future.
Mark Shan has a long career and practical experience in cloud-native, microservices, big data, edge computing, and open-source ecosystem. As the chairperson of Tencent Open Source Alliance, he works full of passion to build the ecosystem for Tencent Open Source and makes great efforts to accelerate innovation in technology and product with the open-source way. At Tencent Cloud, Mark leads the open-source team and works with organizations and communities including Apache Software Foundation,Linux Foundation, Open Atom Foundation, CAICT, COPU and others to build open-source ecosystem. He is also the observer of Linux Foundation Board, chairperson of TARS Foundation, TOC member of Open Atom Foundation and Magnolia Open Source Community, TSC member of Akraino Edge Stack, fellow of China Cloud Native Industry Alliance, advisor of Open Source Community.
= = =
"Success at Apache" is a monthly blog series that focuses on the processes behind why the ASF "just works". "Sponsor Success at Apache" features insights and experiences by select ASF Sponsors https://apache.org/foundation/thanks.html
For more Success at Apache posts, visit https://blogs.apache.org/foundation/category/SuccessAtApache
Posted at 06:44PM Nov 11, 2021
by Sally Khudairi in SuccessAtApache |
|
The Apache News Round-up: week ending 5 November 2021
Welcome November --we've closed October with another great week. Here are the latest updates on the Apache community's activities:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ApacheCon™ –
the ASF's official global conference series, bringing Tomorrow's
Technology Today since 1998.
- Our 2021 events are complete: thanks to all speakers, sponsors, participants, and planners for their great turnout!
- Presentations for ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 309 Apache Committers changed 6,052,770 lines of code over 2,644 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Claus Ibsen, Yuan Tian, Andrea Cosentino, and Sebastian Rühl.
Apache Project Announcements – the latest updates by category.
Big Data --- Apache Arrow 6.0.0 released
- Apache Avro 1.11.0 released
Content --
- Apache POI 5.1.0 released
Enterprise Processes Automation / ERP --
- Apache OFBiz 18.12.01 released
- Apache Commons CLI 1.5.0 released
Network Client/Server --
- Apache MINA 2.0.22 and 2.1.5 released
-- CVE-2021-41973: HTTP listener DOS
Observability --
- Apache SkyWalking Java Agent 8.8.0 released
- Apache Traffic Server 9.1.1 and 8.1.3 released
- Apache HttpComponents Client 5.2-alpha1 releasedWeb Frameworks -
- Apache Wicket 9.6.0 released
Workflow --
- Apache Airflow 2.2.1 released
- Apache DolphinScheduler CVE-2021-27644: mysql jdbc connector parameters deserialize remote code execution
Did You Know?
- Did you know that the following Apache Projects are celebrating
anniversaries this month? Congratulations to Apache Ant (19 years);
HttpComponents (14 years); Attic, Buildr, CouchDB, and Qpid (13 years);
ComDev (12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9
years); Ambari (8 years); BookKeeper and Drill (7 years); Brooklyn,
Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole and Impala
(4 years); Griffin (3 years); Petri (2 years); as well as Superset and
TVM (1 year)
- Did you know that Druid Summit Americas and EMEA events and watch parties start on 9 November? Secure your spot today!
- Did you know that Ignite Summit Cloud Edition kicks off on 16 November? Learn more at http://ignite.apache.org/
Apache Community Notices
- The Apache Month in Review: October 2021 https://s.apache.org/October2021 and video highlights https://youtu.be/3rPR6tNt-dg
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from ApacheCon Asia are available on YouTube
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 03:31PM Nov 08, 2021
by Swapnil M Mane in Newsletter |
|
Apache Month in Review: October 2021
Welcome to the latest monthly overview of events from the Apache community. Here's a summary of what happened in October [video highlights available] :
New This Month --
- Apache Software Foundation moves to CDN distribution for software.
- The Apache Software Foundation Announces Apache® OpenOffice® 4.1.11
- Presentations from ApacheCon 2021 events are available on the ASF's YouTube channel.
- Apache Month in Review: September 2021
Important Dates --
- Next Board Meeting: 17 November 2021. Board calendar and minutes
- Apache CloudStack Collaboration Conference 2021 - 8-12 November 2021
Infrastructure --
Committer Activity --
In October, 643 Apache Committers changed 47,071,028 lines of code over 11,309 commits. The Committers with the top 5 highest contributions, in order, were: Claus Ibsen, Andi Huber, Gary Gregory, Andrea Cosentino, and Alex Herbert.
Project Releases and Updates --
New releases from Apache Airflow (Big Data); Ant (Build Management); APISIX (API); Bigtop (Big Data); Calcite (Big Data); Camel (Integration); CouchDB (Big Data); DB (Database); Flink (Big Data); Geode (Database); HBase (Big Data); Hop (Orchestration); HttpComponents (Servers); HTTP Server (Servers); Jackrabbit (Content); James (Mail); Kyuubi (Incubating; Big Data); Log4cxx (Libraries); Lucene (Search); OpenMeetings (Web Conferencing); OpenOffice (Content); PLC4X (IoT); Qpid (Messaging); ShardingSphere (Big Data); ShenYu (Incubating; API); SIS (Geospatial); Skywalking (Application Performance Management); Solr (Search); Storm (Big Data); Syncope (Identity Management);Tomcat (Servers); Traffic Control (Servers); XMLBeans (Library).
Apache Project Anniversaries in October: Apache Ant (19 years); HttpComponents (14 years); Attic, Buildr, CouchDB, and Qpid (13 years); Community Development ("ComDev", 12 years); OODT and ZooKeeper (11 years); Kafka and Syncope (9 years); Ambari (8 years); BookKeeper, Drill, and MetaModel (7 years); Brooklyn, Groovy, Kylin, and REEF (6 years); Geode (5 years); Guacamole, Impala, and Mnemonic (4 years); Griffin (3 years); Petri (2 years); and Superset and TVM (1 year). Many happy returns!
The Apache Incubator is the primary entry path for projects wishing to become an official part of the ASF. More than three dozen projects are currently undergoing development in the Apache Incubator.
# # #
To see our Weekly News Round-ups (published every Friday), visit https://blogs.apache.org/foundation/ and click on the calendar or hop directly to https://blogs.apache.org/foundation/category/Newsletter . For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. We appreciate your support!
Posted at 07:53PM Nov 01, 2021
by Swapnil M Mane in Newsletter |
|
The Apache News Round-up: week ending 29 October 2021
Farewell, October --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 17 November 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ApacheCon™ –
the ASF's official global conference series, bringing Tomorrow's
Technology Today since 1998.
- Our 2021 events are complete: thanks to all speakers, sponsors, participants, and planners for their great turnout!
- Presentations for ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the Apache Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 320 Apache Committers changed 12,061,492 lines of code over 2,610 commits. Top 5 contributors, in order, are: Tomaz Muraus, Udo Schnurpfeil, David Jencks, Claus Ibsen, and Konrad Windszus.
Apache Project Announcements – the latest updates by category.
API --
- Apache ShenYu (incubating) 2.4.1 available
Big Data --
- Apache Bigtop 3.0.0 released
- Apache Kyuubi (incubating) 1.3.1-incubating released
- Apache HBase 1.4.14 released
- Apache Geode 1.12.5 released
IoT --
- Apache PLC4X 0.9.0 released
- Apache Qpid ProtonJ2 1.0.0-M3 released Servers --
- Apache HttpComponents Client 5.1.1 GA released
Web Conferencing --
- Apache OpenMeetings 6.2.0 released
Did You Know?
- Did you know that organizations can support the ASF through one-time or recurring corporate contributions, matching gifts, and other corporate giving initiatives?
- Did you know that presentations from ApacheCon's 2021 events are available on the ASF's YouTube channel?
- Did you know that BNP Paribas uses Apache Ignite as a Hybrid Transactional-Analytical Processing solution?
Apache Community Notices
- The Apache Month in Review: September 2021 https://s.apache.org/September2021 and video highlights https://youtu.be/v3GdwUmevog
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from ApacheCon Asia are available on YouTube
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:57PM Nov 01, 2021
by Swapnil M Mane in Newsletter |
|