Entries tagged [asf]
The Apache Weekly News Round-up: week ending 8 April 2022
Hello, everyone --let's review the Apache community's activities from over the past week:
The Apache Software Foundation – the all-volunteer developers, stewards,
and incubators of more than 350 Open Source projects and initiatives.
- The Apache Software Foundation Welcomes 52 New Members https://s.apache.org/2022NewMembers
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
- CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north
- Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 355 Apache Committers changed 17,006,169 lines of code over 3,843 commits. Top 5 contributors, in order, are: Andi Huber, Claus Ibsen, Gary Gregory, Andrea Cosentino, and Chesnay Schepler.
Apache Project Announcements – the latest updates by category.
Big Data --- Apache Flink Kubernetes Operator 0.1.0 released
- Apache NiFi 1.16.0 released
-- CVE-2022-26850: Insufficiently protected credentials
- Apache Pinot 0.10.0 released
-- CVE-2022-23974: Pinot segment push endpoint has a vulnerability in unprotected environments
Databases --
- Apache Impala 3.4.1 released
- Apache Daffodil VS Code 1.0.0 Observability --
- Apache SkyWalking CLI 0.10.0 released Workflow --
Did You Know?
- Did you know that those interested in attending ApacheCon NA 2022 (3-6 October/New Orleans) but are unable to do so for financial reasons are invited to apply for Travel Assistance support? Applications open until 1 July https://apache.org/travel/
- Did you know that the ASF Infrastructure team launched a new GitBox platform with upgraded features and services?
- Did you know that Beam Summit will be held both online and in-person in Austin, Texas, 18-20 July? https://2022.beamsummit.org/
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 01:05PM Apr 11, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 1 April 2022
Welcome, April --we're opening the month with another great week. Here's what the Apache community has been up to:
ApacheCon™ – the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
- CFP for ApacheCon North America 2022 (taking place 3-6 October in New Orleans) is now open https://blogs.apache.org/conferences/entry/call-for-presentations-apachecon-north
Sponsor Success at Apache
– the blog series that focuses on the people and processes behind why
the ASF "just works".
- "My experience with the Apache Way —a perfect society?" by Etienne Chauchot https://s.apache.org/oree2
- Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 352 Apache Committers changed 26,605,053 lines of code over 3,949 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Brent Bovenzi, Jarek Potiuk, Gary Gregory, and Andrea Cosentino.
Apache Project Announcements – the latest updates by category.
APIs --
- Apache APISIX 2.13.0 released
-- CVE-2022-25757: body_schema check in request-validation plugin can be bypassed
Big Data --
- Apache Calcite Avatica Go 5.1.0 released
- Apache jclouds 2.5.0 released Eventing --
- Apache EventMesh (incubating) 1.4.0 released
Integration --
- Apache Camel 3.16.0 released
- Apache Qpid JMS 1.6.0 released
Servers --
- Apache Tomcat 8.5.78, 9.0.62, 9.0.62, and 10.1.0-M14 (alpha) released
Web Frameworks --
Did You Know?
- Did you know that the following Apache projects are celebrating anniversaries in April? Congratulations to Apache CXF (14 years); Avro, HBase, Mahout, Nutch, Tika, and Traffic Server (12 years); Creadur and Jena (10 years); DeltaSpike (9 years); ORC and Parquet (7 years); AsterixDB and Johnzon (6 years); CarbonData and Fineract (5 years); NetBeans, PLC4X, and SkyWalking (3 years); and ShardingSphere (2 years) https://projects.apache.org/committees.html?date
- Did you know that you can anonymously take the 2022 Apache Pulsar Website Survey and help improve the new Pulsar Website? https://lists.apache.org/thread/08hchngnrhz79jhc1d96g3rh8ox2x2db
- Did you know that the ASF has been accepted as a Google Summer of Code mentoring organization for the 17th consecutive year? Apache Project mentors welcome! https://lists.apache.org/thread/cbplf0mszmxx2dv6oor0v227h8kfrk2m
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 01:56PM Apr 04, 2022
by Swapnil M Mane in Newsletter |
|
Success at Apache: My experience with the Apache Way —a perfect society?
by Etienne Chauchot
I have been working in software engineering for more than 15 years. I've always contributed to Open Source software as a user or a developer. But I've been contributing to Apache Software Foundation (ASF) projects such as Apache Flink, Apache Beam or Apache Spark for nearly 6 years. It is long enough for me to say that I find the Apache Way is almost the best way to collaborate on software engineering.
I will not describe the Apache way here as there is a lot of good information about that already. I would rather link to the official Apache documentation. I humbly suggest that you read what it is if you don't know it already.
My point here is to talk about the Apache Way in practice as I’ve experienced it. Of course, every Apache community is different, but what I wanted to emphasize is that applying the Apache Way by the book could lead to what I'd call a "perfect society" even if this word seems a bit naive and over optimistic, or even utopian.
A perfect society
Actually, working with the Apache way was a revelation to me!
ASF projects are governed by merit: what you do inside the community is noted, you get credit and it can lead to you obtaining more rights (direct access to the project repositories, election of committers etc.). Merit also drives decisions, discussing solutions and building consensus or voting for the best one helps lead to the best possible state of the project in the end. The best idea always wins in the long term.
The software is not driven by companies: no vendor concerns should take precedence over community. Consider how the ASF creates new top-level projects (TLP): a project starts in the Apache Incubator and is mentored by people who have already participated in successful Apache projects. When the mentors agree a project is ready, healthy and following The Apache Way, the ASF Board can approve its graduation from the Incubator to become a self-governing TLP. So the project is managed by the community itself and not by a single company and its private financial considerations. This helps drive the best decisions for the software itself and ensures long term maintenance of the software.
It is inclusive: the key aspect is that every voice matters, and that everyone is considered equal no matter their personal background, education, ethnicity or nationality, every contribution is good to take. Community members recognize that people skills may be different and complementary to theirs. So contributions might come from anyone, from anywhere and in any form (blog post, documentation, talk, code, website...)
ASF communities are welcoming: they are in constant search for new talents to join their forces. Being welcoming is very important to build and grow a community. The Open source community is also a great place for people to grow. The way people collaborate is generally by mentoring. Experienced contributors help newcomers or experts share their thoughts with others. It is really also a good way for mentors to share their passion and inspire mentees. Mentoring is in the DNA of the ASF starting with the Incubator when the podling community profits from the experience and advice of a mentor to grow in the Apache Way and become a top level project.
Communities are self-organized: there is no manager but only technical leaders and mentors. Each community has a PMC that guides its governance, but its responsibilities don’t include assigning work and expecting it to be done. People are self-motivated and I must say that it is the best form of motivation ever! I’ve found the decision-making simple and efficient: there is no solely decision, feedback is always very important. People are willing to share their thoughts and solve problems together.
Community members have a collaborative mindset: they are positive, act constructively and their comments are in the best interest of the project and the community. They are willing to share their thoughts, review PRs, share advice, accept change requests or bug tickets. People are willing to accept criticism without being defensive. The master word is transparency.
Last but not least, I’ve seen most people behave gently: the fact that every communication is public guides people to communicate in a positive way. Indeed one of the ASF guiding concepts is "what did not happen publicly didn’t happen" – often said as “what didn’t happen on the mailing list, didn’t happen” but of course this concept can be generalized to any communication tool we use. Examples of good communication I’ve seen in open source communities are: asking questions or suggesting rather than affirming or asking for thoughts rather than disagreeing bluntly. An open source contributor should try to put theirself in the other person's shoes, trying to not hurt their feelings and to not demotivate them.
Considering all of this, what I can tell is that it is the way we all would like people and society in general to behave, no?
Daily life
The funny thing is that it goes even further, after some years of applying this philosophy (I was told lately that it felt almost like a religion) at work on a full time basis, I started applying it to daily life outside of work. It started to become my standard way of behaving in society:
Meritocracy becomes second nature, for example I reward my home builders with gifts and public credit because they did a good job, I reward my kids for good school work etc...
I also started to give time to others and share knowledge, mentoring becomes second nature as well.
Another big thing which is very visible is that I now always take good care to give positive communication, leading to positive and constructive thinking. Positivism also becomes a key aspect of my daily life.
On a professional basis, an important thing is that merit never expires. So, if you gain committership on a project, or become a PMC member or even an ASF member, it is for life. So your skills are recognized by your peers for your whole career. This is an incredible credit and a tremendous trust mark!
Can be a bit challenging
In order to avoid being seen as a total idealist, I need to temper a bit:
I remember when I first joined an open source community, I felt intimidated. Community members are generally very senior level and very highly skilled developers. But, remember what is written above: every contribution is good to take. And, with time and mentoring, anyone can earn a place inside the community.
The other thing I felt a bit difficult when I joined is to find where to start: some projects are old enough to have a large community so the amount of code is pretty high. But here again mentoring comes into play: mentors can give you pointers on hot topics, starter tickets or simply areas that need maintenance. And with time, you might be recognized as an expert in a given area and the exciting subjects will come to you.
And if you feel like you want to join a smaller community try joining a project which is still in the incubation phase!
Conclusion
I hope you enjoyed these insights and I hope it gave you the motivation to join an open source community.
Etienne Chauchot has been working in software engineering for more than 15 years and is now specialized in Big Data. He is an Open Source fan, and contributes to Apache projects such as Apache Beam, Apache Flink or Apache Spark. He is also the author of the "Big data Chronicles" blog. He is an Apache Beam committer and PMC member and also an Apache Foundation member.
Posted at 10:21PM Mar 29, 2022
by Sally Khudairi in SuccessAtApache |
|
The Apache Weekly News Round-up: week ending 25 March 2022
We're wrapping up another great week with the following activities from the Apache community:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 333 Apache Committers changed 4,901,028 lines of code over 3,786 commits. Top 5 contributors, in order, are: Jean-Louis Monteiro, Jianyun Cheng, Sebastian Bazley, Benoit Tellier, and James Netherton.
Apache Project Announcements – the latest updates by category.
APIs --
- Apache APISIX 2.13.0 released
Big Data --
- Apache Calcite Avatica 1.30.0 released
- Apache SeaTunnel (Incubating) 2.1.0 released
- Apache Kyuubi (Incubating) 1.5.0-incubating released
Blockchain --
- Apache Tuweni (Incubating) 2.2.0 released
Content --
- Apache POI 5.2.2 released
- Apache Syncope 2.1.11 released
- Apache Sling 12 released
- Apache IoTDB 0.13.0 released
- Apache StreamPipes (Incubating) 0.69.0 released
Libraries --
- Apache OpenJPA 3.2.2 released
- Apache Daffodil 3.3.0 released
Messaging --
- Apache Qpid Proton 0.37.0 and Qpid Dispatch 1.19.0 released
- Apache Pulsar 2.8.3 released
- Apache Solr Operator v0.5.1 released
- Apache Lucene 9.1.0 released
Servers --
Did You Know?
- Did you know that improvements to Apache Drill 1.20 include backward
compatibility with Apache Hadoop 2; connectors for Apache Phoenix;
writing to JDBC data sources; support for new data file formats
(including Apache Iceberg and SAS files); and API query improvements?
- Did you know that Apache Calcite 1.30 includes Babel support for
<=> operator; SQL hints for temporal table join; fixtures so that
dependent projects can write parser, validator, and rules tests; and
upgrade jsonpath to fix CVE-2021-27568?
- Did you know that the CloudStack European User Group will be held virtually on 7 April?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 11:30AM Mar 28, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 18 March 2022
Happy Friday! Let's take a look at what the Apache community has been up to over the past week:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 20 April 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 328 Apache Committers changed 10,109,144 lines of code over 3,415 commits. Top 5 contributors, in order, are: Mark Thomas, Chesnay Schepler, Gary Gregory, Jean-Baptiste Onofré, and Claus Ibsen.
Apache Project Announcements – the latest updates by category.
Big Data --
- Apache Beam 2.37.0 released
Content --
- Apache Jackrabbit Oak 1.6.23 released
Cloud Computing --
- Apache Kafka 3.0.1 released
- Apache Libcloud 3.5.0 released
- CVE-2022-26779: Apache Cloudstack: insecure random number generation affects project email invitation
Database --
- Apache Geode 1.13.8 released
- Apache Camel 3.11.6 (LTS) released
Libraries --
- Apache Commons Daemon 1.3.0 released
Messaging --
- Apache ActiveMQ 5.17.0 released
- Apache Curator 5.2.1 released
Observability --
- Apache SkyWalking NodeJS 0.4.0 released
- Apache Groovy 4.0.1 released
Servers --
- Apache HTTP Server 2.4.53 released
-- CVE-2022-23943: mod_sed: Read/write beyond bounds
-- CVE-2022-22721: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
-- CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
-- CVE-2022-22719: mod_lua Use of uninitialized value of in r:parsebody
- Apache Tomcat 8.5.77, 9.0.60, 10.0.18, 10.1.0-M12 (alpha) released
- Apache Traffic Server 9.1.2 released
- Apache HttpComponents Core 5.2-beta1 released
Did You Know?
- Did you know that the Apache Druid community will be holding a hybrid meetup on 29 March?
- Did you know that the Bangor Australia's Bangor Brumbies Football Club site uses Apache Wicket?
- Did you know that you can support the ASF through one-time and recurring tax-deductible donations online using Apple Pay, Google Pay, and Microsoft Pay using your mobile phone? https://donate.apache.org/
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 03:20PM Mar 21, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 11 March 2022
Hello, everyone --let's review the Apache community's activities from over the past week:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 March 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 336 Apache Committers changed 4,769,139 lines of code over 3,697 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Otavio R. Piske, Gary Gregory, Andrea Cosentino, and Andi Huber.
Apache Project Announcements – the latest updates by category.
Big Data --
- CVE-2021-38296: Apache Spark: Key Negotiation Vulnerability
Content --
- Apache Any23 2.7 released
-- CVE-2022-25312: An XML external entity (XXE) injection vulnerability exists in the RDFa XSLTStylesheet extractor
- Apache Jackrabbit 2.20.5 released
Cloud Computing --
- Apache CloudStack 4.16.1.0 LTS released
Database --
- Apache ZooKeeper 3.8.0 released
- Apache Geode 1.12.9 released
IDE --
- Apache NetBeans 13 released
IoT --
- Apache IoTDB 0.12.5 released
Libraries --
- Apache Olingo 4.9.0 released
Mail --
- Apache James 3.7.0 released
Orchestration --
- Apache Hop 1.2.0 released
Did You Know?
- Did you know that the next Apache Druid MeetUp will be held both online and in-person in Tel Aviv on 29 March?
- Did you know that Apache ShardingSphere SQL Parse Format Function allows
you to easily understand and automatically format complicated SQL
statements?
- Did you know that the next Apache Airflow Community Meetup will be held on 16 March? Sign up to learn about Data Migration Pipeline with Apache Airflow http://bit.ly/3sES9fL
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 12:47PM Mar 14, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 4 March 2022
We're opening March with a cracking week. Here's what the Apache community has been up to:
Sponsor Apache – a number of tax-deductible sponsorships help offset the ASF's day-to-day operating expenses that include infrastructure support, bandwidth, connectivity, servers, hardware, development environments, legal counsel, accounting services, trademark protection, marketing and publicity, educational events, and more.
- The Apache Software Foundation Welcomes VMware as its Newest Platinum Sponsor
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
- Announcing New ASF Board of Directors, elected during this week's Members' Meeting.
- Next Board Meeting: 16 March 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 332 Apache Committers changed 880,561 lines of code over 3,128 commits. Top 5 contributors, in order, are: Olivier Lamy, Andrea Cosentino, Claus Ibsen, Sebastian Rühl, and Eric Milles.
Apache Project Announcements – the latest updates by category.
Application Servers/Middleware --
- Apache Karaf Decanter 2.9.0 released
Content --
- Apache Jackrabbit Oak 1.22.11 released
- Apache POI 5.2.1 released
- CVE-2022-26336: poi-scratchpad: A carefully crafted TNEF file can cause an out of memory exception
FinTech --
- Apache Fineract 1.6.0 released
Libraries --
- Apache PDFBox JBIG2 ImageIO plugin 3.0.4 released
Logging Services --
- Apache Log4j 2.17.2 released
Network Application Framework --
- Apache MINA FtpServer 1.1.3 released
Servers --
- Apache Tomcat 9.0.59, 10.0.17 and 10.1.0-M11 (alpha) released
Workflow --
- CVE-2021-45229: Apache Airflow: Reflected XSS via Origin Query Argument in URL
Did You Know?
- Did you know that the Apache Ignite community's CFP for IgniteSummit (taking place online 14 June) closes on 29 April?
- Did you know that HugeGraph (incubating), a large-scale and easy-to-use graph database that stores and queries billions of vertices and edges, is the newest podling undergoing development in the Apache Incubator?
- Did you know that the ASF manages 2,180 mailing lists, 486 of which are private? Over the past year, 19,053 authors sent 1,946,990 emails on 869,461 topics!
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: January 2022 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:37PM Mar 07, 2022
by Sally Khudairi in Newsletter |
|
The Apache Weekly News Round-up: week ending 25 February 2022
Farewell, February --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 March 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 323 Apache Committers changed 1,586,514 lines of code over 3,215 commits. Top 5 contributors, in order, are: Claus Ibsen, Jean-Louis Monteiro, Andrea Cosentino, Gary Gregory, and Eric Milles.
Apache Project Announcements – the latest updates by category.
Application Servers/Middleware --- Apache Karaf Decanter 2.9.0 releasedContent --
- Apache Jackrabbit Oak 1.22.11 released
- Apache JSPWiki CVE-2022-24947: CSRF Account Takeover
-- CVE-2022-24948: Cross-site scripting vulnerability on User Preferences screenFinTech --
- Apache Fineract 1.6.0 released
Network Client --
- Apache MINA 2.0.23, 2.1.6 released
Workflow --
- Apache Airflow CVE-2022-24288: RCE in example DAGs
Did You Know?
- Did you know that Apache Beam helps Palo Alto Networks meet streaming
needs by providing a highly-performant, reliable, and resilient data
processing framework for 10 million security events per second across 3
petabytes per day?
- Did you know that the Australian Department of Transport's Vehicle Inspection System webapp is powered by Apache Wicket?
- Did you know that Apache Ignite is a distributed cache, a distributed database, an in-memory database, and an in-memory data grid?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: January 2022 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:49PM Feb 28, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 18 February 2022
We're wrapping up another great week with the following activities from the Apache community:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 March 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 99.99%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 350 Apache Committers changed 12,933,273 lines of code over 3,260 commits. Top 5 contributors, in order, are: Claus Ibsen, Udo Schnurpfeil, Andrea Cosentino, Mark Thomas, and Paul King.
Apache Project Announcements – the latest updates by category.
Big Data --- Apache Accumulo 1.10.2 releasedContent --
- Apache Tika 1.28.1 released Libraries --
- Apache Commons JCS 3.1 released
Messaging --
- Apache ActiveMQ 5.16.4 released
Did You Know?
- Did you know that select Apache Projects and mentors are preparing for the upcoming GSoC 2022 (mentoring organizations will be announced on 7 March)? Those interested in participating can learn how to get involved at https://community.apache.org/gsoc.html
- Did you know that the next CloudStack European User Group will be held online on 7 April?
- Did you know that the CFP for Ignite Summit (taking place online on 14 June) closes on 29 April?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: January 2022 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 03:55PM Feb 21, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 11 February 2022
Hello, everyone --let's review the Apache community's activities from over the past week:
Apache Software Foundation Statement at 8 February 2022 Senate Committee hearing on Homeland Security and Government Affairs https://s.apache.org/485lz
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 February 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 308 Apache Committers changed 5,335,315 lines of code over 2,989 commits. Top 5 contributors, in order, are: Gary Gregory, Emmanuel Lecharny, Mark Thomas, Liang Zhang, and Tilmann Zäschke.
Apache Project Announcements – the latest updates by category.
APIs --- Apache APISIX 2.10.2 released
-- CVE-2022-24112: apisix/batch-requests plugin allows overwriting the X-REAL-IP header
Big Data --
- Apache Beam 2.36.0 released
- Apache Traffic Control 6.1.0 released
-- CVE-2022-23206: Server-Side Request Forgery in Traffic Ops endpoint POST /user/login/oauth
- Apache Tika 2.3.0 released
-- Apache Tika 1.x End-Of-Life (EOL) announcement https://s.apache.org/lkqid
- Apache Jackrabbit 2.21.10 released
Database --
- Apache JDO 3.2 released
- Apache Cassandra CVE-2021-44521: Remote code execution for scripted UDFs
- Apache James 3.6.2 released
-- CVE-2022-22931: Path traversal in Apache James Web Frameworks --
- Apache Wicket 9.8.0 released
Did You Know?
- Did you know that you can scale Apache SkyWalking in Kubernetes natively? https://skywalking.apache.org/blog/2022-01-24-scaling-with-apache-skywalking/
- Did you know that the next Apache Ignite Community Gathering MeetUp will take place online on 16 February?
- Did you know that the ASF's seven-member Infrastructure team performs
7M+ weekly checks to ensure services are available around the clock to
all Apache Projects and their communities? Average uptime in January
2022 was 100%!
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: January 2022 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:35PM Feb 14, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 4 February 2022
Welcome, February --we're opening the month with another great week. Here's what the Apache community has been up to:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 February 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 99.89%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot –
Over the past week, 303 Apache Committers changed 9,625,849 lines of
code over 3,255 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Claus Ibsen, Sebastian Bazley, Guillaume Nodet, and Eric Milles.
Apache Project Announcements – the latest updates by category.
Apache Attic -- provides process and solutions when an Apache project has reached its end of life.
- Apache Ambari is retired
- Apache Usergrid is retired
APIs --
- Apache APISIX 2.12.0 released
- Apache Kyuubi (incubating) 1.4.1-incubating released
- Apache Hudi 0.10.1 released
- Apache Gobblin CVE-2021-36151: Local Credentials Disclosure Vulnerability
Business Intelligence --
- Apache Superset CVE-2021-44451: API sensitive information leak
- Apache Jackrabbit Oak 1.8.26 released
Integration --
- Apache Camel 3.15.0 released
Messaging --
- Apache Pulsar CVE-2021-41571: Pulsar Admin API allows access to data from other tenants using getMessageById API
Middleware --
- Apache Linkis (incubating) released
- Apache Groovy 4.0.0 released
Servers --
- Apache HttpComponents Client 5.1.3 GA released
- Apache HTTP mod_perl 2.0.12 released
Web Frameworks --
- Apache Wicket 8.14.0 released
Did You Know?
- Did you know that the following Apache Projects are celebrating anniversaries this month? Congratulations to Apache HTTP Server (27 years!); Gump and Portals (18 years); Directory, MyFaces, and Xerces (17 years); Tapestry (16 years); Roller (15 years); Cassandra and Subversion (12 years); Chemistry (11 years); BVal and OpenNLP (10 years); Clerezza (9 years); Knox and Spark (8 years); DataFu (4 years); Unomi (3 years); Daffodil, Ratis, and Solr (2 years)! https://projects.apache.org/committees.html?date
- Did you know that the ASF is joining the Open Geospatial Consortium and Open Source Geospatial Foundation to hold the 2022 Joint OGC-OSGeo-ASF Code Sprint, taking place 8-10 March? Those interested in helping advance OGC Standards through numerous Apache and OSGeo projects are invited to learn more and sign up at https://portal.ogc.org/public_ogc/register/220225asf_codesprint.php
- Did you know that the CFP for Airflow Summit (taking place online 23-27 May) is now open?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: January 2022 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:21PM Feb 07, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 28 January 2022
Farewell, January --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 February 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot –
Over the past week, 337 Apache Committers changed 1,533,287 lines of
code over 3,738 commits. Top 5 contributors, in order, are: Jarek Potiuk, Sebastian Bazley, Claus Ibsen, Harikrishna Patnala, and Mark Thomas.
Apache Project Announcements – the latest updates by category.
APIs --
- Apache ShenYu (Incubating) 2.4.2 released
-- CVE-2022-23944: Improper access control
-- CVE-2022-23945: Missing authentication allows gateway registration
Application Servers/Middleware --
- Apache Karaf runtime 4.3.6 released
-- CVE-2021-41766: Insecure Java Deserialization
-- CVE-2022-22932: Path traversal flaws
- Apache Tuweni (Incubating) 2.1.0 released
Cloud Computing --
- Apache Kafka 3.1.0 released
Content --
- Apache Jackrabbit Oak 1.22.10 released
Databases --
- Apache Geode 1.14.3 released
- Apache Camel 3.14.1 (LTS) released
Orchestration --
- Apache Hop 1.1.0 released
Servers --
- Apache Tomcat CVE-2022-23181: Local Privilege Escalation
Web Frameworks --
- Apache Struts 2.5.29 released
Did You Know?
- Did you know that the ASF published a statement following the 13 January meeting at the White House on the security of Open Source software? https://s.apache.org/jri14
- Did you know that members of the Apache Arrow, Flink, Kafka, Mahout, Maven, OpenOffice, ShardingSphere, Spark, and other project communities will be presenting at FOSDEM (taking place online 5-6 February)?
- Did you know that the CFP for Beam Summit (hybrid event taking place 18-20 July) closes on 15 March?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: December 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 03:05PM Jan 31, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 21 January 2022
We're wrapping up another great week with the following activities from the Apache community:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.- Next Board Meeting: 16 February 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 339 Apache Committers changed 2,470,884 lines of code over 3,505 commits. Top 5 contributors, in order, are: Gary Gregory, Claus Ibsen, Adam Kocoloski, Mark Thomas, and Tian Jiang.
Apache Project Announcements – the latest updates by category.
APIs --
- Apache APISIX Java Plugin Runner 0.2.0 released
Application Servers/Middleware --
- Apache Karaf runtime 4.2.15 and 4.3.6 released
- Apache NiFi 1.15.3 released
- Apache Flink 1.14.3 released
- Apache ShardingSphere ElasticJob UI 3.0.1 released
- Apache Knox 1.6.1 released
-- CVE-2021-42357: DOM based XSS Vulnerability
Content --
- Apache POI 5.2.0 released
Databases --
- Apache Geode 1.12.8, 1.13.7 and Kafka Connector 1.1.0 released
Data Management Platform --
- Apache Ignite 2.12.0 released
Enterprise Processes Automation / ERP --
- Apache OFBiz 17.12 End-Of-Life (EOL) announcement https://s.apache.org/hm5oe
Libraries --
- Apache Log4j CVE-2022-23302: Deserialization of untrusted data in JMSSink in Apache Log4j 1.x
-- CVE-2022-23305: SQL injection in JDBC Appender in Apache Log4j V1
-- CVE-2022-23307: A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution
Orchestration --
- The Apache Software Foundation Announces Open Source data orchestration platform Apache® Hop™ as a Top-Level Project https://s.apache.org/4s3ci
Observability --
- Apache SkyWalking Could on Kubernetes 0.6.1 released
Servers --
- Apache Tomcat 8.5.75, 9.0.58, 10.0.16, and 10.1.0-M10 (alpha) released
- Apache Airflow CVE-2021-45230: Creating DagRuns didn't respect Dag-level permissions in the Webserver
Did You Know?
- Did you know that the following Apache projects are celebrating anniversaries this month? Congratulations to Apache Cocoon, James, and Web Services (19 years); Lucene (17 years); ActiveMQ (15 years); Hadoop (14 years); River (11 years); Empire-db and Gora (10 years); OpenMeetings (9 years); Samza (7 years); Arrow (6 years); Ranger (5 years); and Gobblin (1 year) https://projects.apache.org/committees.html?date
- Did you know that Netflix and Target are building modern analytics applications to deliver interactive data experiences using Apache Druid?
- Did you know that Disney+Hotstar's streaming data lakes injest 1 million
events per second using Apache Kafka, store 14tb of data per day in an
Apache HBase warehouse, and stream using Apache Hudi? https://projects.apache.org/projects.html?category
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: December 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:06PM Jan 24, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 14 January 2022
Happy Friday! Let's take a look at what the Apache community has been up to over the past week:
ASF Security Report 2021 – the state of security across all Apache projects with key metrics, specific vulnerabilities, and the most common ways users of ASF projects were affected by security issues https://s.apache.org/SecurityReport2021
Apache Software Foundation statement on White House Open Source Security Summit https://s.apache.org/jri14
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 100.00%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 322 Apache Committers changed 1,963,025 lines of code over 3,852 commits. Top 5 contributors, in order, are: Gary Gregory, Antoine Toulme, Claus Ibsen, Mark Thomas, and Dan Klco.
Apache Project Announcements – the latest updates by category.
Big Data --- Apache Flink ML 2.0.0 released
Content --
- Apache Jackrabbit 2.16.9 released
Machine Learning --
- Apache TVM 0.8.0 released
Network Client --
- Apache Guacamole 1.4.0 released
-- CVE-2021-41767: Private tunnel identifier may be included in the non-private details of active connections
-- CVE-2021-43999: Improper validation of SAML responses
Observability --
- Apache SkyWalking Kong version 0.2.0 released
- Apache DolphinScheduler 2.0.2 released
- Apache Airflow Helm Chart 1.4.0 released
Did You Know?
- Did you know that more than 630,000 individuals have contributed to Apache projects and initiatives since the ASF's incorporation in 1999? https://blogs.apache.org/foundation/entry/apache-in-2021-by-the
- Did you know that Apache DolphinScheduler won a "2021 OSC Most Popular Projects" award from OSCHINA?
- Did you know that video recordings from the 2021 TVMCon (Apache TVM and Open Source ML acceleration conference) are now available online?
Apache Community Notices
- Apache in 2021 - By The Digits + Video highlights
- The Apache Month in Review: December 2021 and video highlights
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:56PM Jan 17, 2022
by Swapnil M Mane in Newsletter |
|
The Apache Weekly News Round-up: week ending 7 January 2022
Welcome, 2022! We hope that you have had a festive holiday season
and are excited to kick off the new year. Here's what happened over the
past week:
- Summary and stats at https://s.apache.org/Apache2021Digits
- Video highlights https://youtu.be/GU0SV_2tWkU
- December 2021 https://s.apache.org/December2021
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
-
7M+ weekly checks yield uptime at 99.98%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 280 Apache Committers changed 2,780,891 lines of code over 2,868 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Gary Gregory, Mark Thomas, Harikrishna Patnala, and Claus Ibsen.
Apache Project Announcements – the latest updates by category.
Big Data --- Apache Avro 1.11.0 released
-- CVE-2021-43045: Possible DOS vulnerabilities in C# Avro SDK
Enterprise Processes Automation / ERP --
- Apache OFBiz 18.12.05 released
- Apache Camel 3.11.5 (LTS) released
Mail --
- Apache James 3.6.1 released
-- CVE-2021-38542: STARTTLS command injection (IMAP and POP3)
-- CVE-2021-40110: IMAP vulnerable to a ReDoS
-- CVE-2021-40111: IMAP parsing Denial Of Service
-- CVE-2021-40525: Sieve file storage vulnerable to path traversal attacks
Network Client --
- Apache Guacamole 1.4.0 released
- Apache MINA FTPServer 1.1.2 released
- Apache Struts 2.5.28.3 released
- Apache Portals 3.1.1 released
-- CVE-2021-36737: XSS in V3 Demo Portlet
-- CVE-2021-36738: XSS vulnerability in the JSP version of the Pluto Applicant MVCBean CDI portlet
-- CVE-2021-36739: XSS vulnerability in the MVCBean JSP portlet maven archetype
Did You Know?
- Did you know that in 2021, 724 individuals new to the ASF contributed to Apache projects and initiatives? https://s.apache.org/Apache2021Digits
- Did you know that Apache Druid is frequently used for AdTech data? https://druid.apache.org/
- Did you know that PulsarSummit Asia 2022 will be held online on January 15-16? https://pulsar-summit.org/
Apache Community Notices
- Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature [49 min] 2) "Apache Everywhere" [6 min] 3) "Why Apache" [2.5 min] 4) “Apache Innovation” [40 min]
- ASF Annual Report: FY2021 -- Press release and Report (PDF)
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Posted at 02:38PM Jan 10, 2022
by Swapnil M Mane in Newsletter |
|