The Apache Software Foundation Blog

Friday July 27, 2018

The Apache News Round-up: week ending 27 July 2018

Farewell, July! Let's check out the Apache community's activities from the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 15 August. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ApacheCon™ –the ASF's official global conference series. Join us!
 - 24-27 September: Registration for ApacheCon North America/Montreal is open http://apachecon.com/acna18/
 - 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA --Save The Date!
 - Media and Community Partner opportunities available for *all* official Apache events: drop us a note at press@apache.org to help.

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield zippity performance at 93.91% uptime. http://status.apache.org/

ASF Operations Factoid –this week, 506 Apache contributors changed 968,003 lines of code over 3,133 commits. Top 5 contributors, in order, are: Tellier Benoit, Karl Heinz Marbaise, Andrea Cosentino, Roberto Cortez, and Gary Gregory.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable Big Data storage and retrieval.
 - Apache Accumulo 1.9.2 released https://accumulo.apache.org/

Apache Calcite™ –a framework for writing Big Data management systems.
 - Apache Calcite 1.17.0 released http://calcite.apache.org/

Apache Directory™ Fortress –computer security access management facility written in Java.
 - Apache Fortress 2.0.1 released https://directory.apache.org/fortress/

Apache HBase™ –Open Source, distributed, versioned, non-relational database.
 - Apache HBase 2.1.0 released https://hbase.apache.org/

Apache HttpComponents™ HttpAsyncClient–a library for client-side HTTP communication built on HttpCore.
 - HttpComponents HttpAsyncClient 4.1.4 GA released http://hc.apache.org/

Apache Kafka™ –distributed, fault tolerant, publish-subscribe messaging.
 - CVE-2017-12610: Authenticated Kafka clients may impersonate other users http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAOJcB383nmC%2BpxBXoc2JcuD4TXgQrvgjCuovNavmt6sFs4%2BsBQ%40mail.gmail.com%3E
 - CVE-2018-1288: Authenticated Kafka clients may interfere with data replication http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAOJcB3905-NRw3baEUGhEaqKipzQ%2BNryJHsK%3DAtF_aFFsF1nOA%40mail.gmail.com%3E

Apache OpenWhisk (incubating) –distributed serverless computing platform.
 - CVE-2018-11756 PHP Runtime for Apache OpenWhisk http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAAC1_d4geVGr-%2BOk95Gq9C9P81BXUDT3d9N7-2r%2BqsiPrM5r3w%40mail.gmail.com%3E
 - CVE-2018-11757 Docker Skeleton Runtime for Apache OpenWhisk http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3CCAAC1_d7x6buq1aREekk_Eh9SjevQLPLkXc%2BaidiFBMcNz7GGwQ%40mail.gmail.com%3E

Apache Qpid™ –messaging tools that speak AMQP and support many languages and platforms.
 - Apache Qpid JMS 0.35.0 released http://qpid.apache.org/

Apache Tomcat™ –an Open Source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
 - CVE-2018-8019 Apache Tomcat Native Connector - Mishandled OCSP invalid response http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180721095943.GA24320%40minotaur.apache.org%3E
 - CVE-2018-8020 Apache Tomcat Native Connector - Mishandled OCSP responses can allow clients to authenticate with revoked certificates http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180721101944.GA45239%40minotaur.apache.org%3E
 - CVE-2018-1336 Apache Tomcat - Denial of Service http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
 - CVE-2018-8037 Apache Tomcat - Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090623.GA92700%40minotaur.apache.org%3E
 - CVE-2018-8034 Apache Tomcat - Security Constraint Bypass http://mail-archives.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722091057.GA70283%40minotaur.apache.org%3E


Did You Know?

 - Did you know that you can easily help promote ApacheCon? http://www.apachecon.com/acna18/banners/

 - Did you know that you can achieve Machine Learning on SQL by using Apache Hivemall (incubating) on Apache Hive or Apache Spark? http://hivemall.incubator.apache.org/

 - Did you know that the highest code contribution value during FY2018 was by Apache Mynewt? $61,769,063 worth of code! https://s.apache.org/FY2018AnnualReport

Apache Community Notices:

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way" https://s.apache.org/gK4Q

 - Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner https://blogs.gartner.com/merv-adrian/2018/03/27/open-for-business-at-the-asf/

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Apache in 2017 - By The Digits https://s.apache.org/h8do

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

 - "Success at Apache" focuses on the processes behind why the ASF "just works". https://blogs.apache.org/foundation/category/SuccessAtApache

 - Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://events.apache.org/event/meetups.html

 - ApacheCon North America will be held 24-27 September in Montreal http://apachecon.com/

 - Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair - 8 October 2018 in Fairfax, VA http://apachecon.com/

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/

 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby

= = =

For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #

Comments:

Post a Comment:
Comments are closed for this entry.

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation