The Apache Software Foundation Blog

Friday July 14, 2017

The Apache News Round-up: week ending 14 July 2017

We've had a booming week! Here's what the Apache community has been up to:

Support Apache –your contributions through the ASF Sponsorship program and individual donations help sustain 300+ freely-available Open Source projects. Every dollar counts. http://apache.org/foundation/contributing.html

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 19 July 2017. Board calendar and minutes http://apache.org/foundation/board/calendar.html
 - ASF Annual Report for 2017 Fiscal Year https://s.apache.org/IDn5

ASF Infrastructure –our distributed team on four continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield great performance at 97.03% uptime http://status.apache.org/

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 - Apache Jackrabbit 2.14.2 released https://jackrabbit.apache.org/

Apache HAWQ (incubating) –an advanced enterprise SQL-on-Hadoop analytic engine.
 - Apache HAWQ 2.2.0.0-incubating released http://hawq.apache.org

Apache HTTP Server™ –the world's most popular Web server.
 - Apache HTTP Server 2.2.34 and 2.4.27 2.2.34 released http://httpd.apache.org/
 - CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2 http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCACsi2528RzhCmN78sbpUYNYhLvsMkJmaB1hGV%2BzxaU64fjBL2g%40mail.gmail.com%3E
 - CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCACsi252%3DWGN3zy9qsErsuvy5p-%2BL9p%2BDMUoZkFvyg4zH25N%2BkA%40mail.gmail.com%3E

Apache Impala (Incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 - CVE-2017-5652 Apache Impala (incubating) Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCA%2BLM4Mt5Nk_qJom7YhKaZrLQArqWWY%3DofUDK7h%2BMM7mmOVhp_w%40mail.gmail.com%3E
 - CVE-2017-5640 Apache Impala (incubating) Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCA%2BLM4Mur2%2Bmdv_YukGG0s5OWrj6xdZyLZbPRaB0g6Mm_WH%2BN9g%40mail.gmail.com%3E

Apache Lucene™ Solr –an Open Source enterprise search server based on the Lucene Java search library.
 - CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E

Apache ODE™ –a WS-BPEL 1.1/2.0 compliant Web services orchestration engine.
 - Apache ODE 1.3.7 released http://ode.apache.org/

Apache Olingo™ –a Java library that enables developers to implement OData producers and OData consumers.
 - Apache Olingo 2.0.9 released http://olingo.apache.org/

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools.
 - Apache OpenMeetings 3.3.0 released http://openmeetings.apache.org

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text.
 - Apache OpenNLP 1.8.1 released http://opennlp.apache.org/

Apache OpenWebBeans™ –a CDI container (Contexts and Dependency Injection for Java) and targets the CDI-1.2 specification (JavaEE 7).
 - Apache OpenWebBeans-1.7.4 released http://openwebbeans.apache.org

Apache Phoenix™ –enables SQL-based OLTP and operational analytics for Apache Hadoop.
 - Apache Phoenix 4.11 released http://phoenix.apache.org/

Apache Struts™ –a comprehensive and modular tooling stack for creating Web-based Java applications.
 - Apache Struts 2: possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series http://mail-archives.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAMopvkPHCrVRX7TuyyzdHp2wv6Pc8-f4%3DsqmSxPiE04md7SMug%40mail.gmail.com%3E
 - Apache Struts 2.5.12 GA with Security Fixes released http://struts.apache.org/

Apache Subversion™ –an Open Source, centralized version control system.
 - Apache Subversion 1.8.18 released http://subversion.apache.org/

Apache Tika™ –a toolkit for detecting and extracting metadata and structured text content from various documents using existing parser libraries.
 - Apache Tika 1.16 released http://tika.apache.org/

Apache Wicket™ –an Open Source Java component oriented Web application framework.
 - Apache Wicket 7.8.0 released http://wicket.apache.org/

Apache Yetus™ –a collection of libraries and tools that enable contribution and release processes for software projects. - Apache Yetus 0.5.0 released https://yetus.apache.org/

Did You Know?

 - Did you know that if your employer has a matching gift program, your contribution to the ASF can be generously increased and will help even more to support its mission? http://apache.org/foundation/contributing.html

 - Did you know that the Apache Incubator site had a redesign/facelift? http://incubator.apache.org/

 - Did you know that the value to users from Apache OpenOffice's 200+M downloads (over the past year) exceeds $25M per day? https://openoffice.apache.org/

Apache Community Notices:

 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk 4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Check out the Apache Community Development blog https://blogs.apache.org/comdev/

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/ and Twitter account https://twitter.com/ApacheCommunity

 - Apache ActiveMQ Call For Logo https://blogs.apache.org/activemq/entry/apache-activemq-call-for-logo

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The CloudStack European User Group will be held 17 August in London https://www.eventbrite.co.uk/e/cloudstack-european-user-group-tickets-35565783215

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Annual Report https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Comments:

Post a Comment:
Comments are closed for this entry.

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation