The Apache Software Foundation
Blogging in Action.

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998
 - EARLY Registration & Hotel Block open: ApacheCon North America/Las Vegas 9-12 September http://apachecon.com/
 - FINAL CALL -- CFP closing 26 May & EARLY Registration open: ApacheCon Europe/Berlin 22-24 October http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield smashing uptime at 100%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 451 Apache contributors changed 1,288,629 lines of code over 2,745 commits. Top 5 contributors, in order, are: Duo Zhang, Matteo Merli, Claus Ibsen, Iñigo Goiri, and Jimin Wu.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Kylin 2.6.2 released https://kylin.apache.org/
 - Apache NiFi Registry 0.4.0 released https://nifi.apache.org/

Content --
 - Apache JSPWiki 2.11.0.M4 released https://jspwiki-wiki.apache.org/
 - [CVE-2019-10076] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki https://lists.apache.org/thread.html/84dc7c14da8907c2eb4b83deacacaa94fbd997e4f6f2a17e05422328@%3Cannounce.apache.org%3E
 - [CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki https://lists.apache.org/thread.html/ea6e712888f2d2edcc17ac5562eedeb1247ca3e65cc7d6f736849c98@%3Cannounce.apache.org%3
 - [CVE-2019-10078] Apache JSPWiki Cross-site scripting vulnerability on Apache JSPWiki https://lists.apache.org/thread.html/d88a615ab8bc1a014bc30f272edddc4de885adf0cacc382dc8c755cc@%3Cannounce.apache.org%3E
 - Apache Tika 1.21 released https://tika.apache.org/

Network-Client --
 - Apache Qpid JMS AMQP 0-x 6.3.4 released http://qpid.apache.org

Tools --
 - The Apache Software Foundation Announces Apache® Dubbo™ as a Top-Level Project https://s.apache.org/jjzT

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

Happy-happy Friday --let's take a look back at what the collective Apache community has been working on over the past week:

The Apache Software Foundation –the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives.
 - Announcing changes in the ASF Board https://s.apache.org/rEAx [thank you, Jim Jagielski and Phil Steitz for your service on the Board of Directors. Welcome, Danny Angus and Ted Dunning as Board Members!]

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 17 June. Board calendar and minutes http://apache.org/foundation/board/calendar.html

# # #

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon
 - Next week in Chicago: Apache Roadshow 13-14 May http://apachecon.com/chiroadshow19/ Learn the latest in AdTech, BigData, Community Diversity, FinTech, IoT, Machine Learning, "Made in Chicago" startups, Podling Shark Tank, and more!
 - OPEN: ApacheCon CFPs + EARLY Registration: 1) North America/Las Vegas 9-12 September; 2) Europe/Berlin 22-24 October http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.93%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 438 Apache contributors changed 1,041,284 lines of code over 2,688 commits. Top 5 contributors, in order, are: Ismaël Mejía, Jean-Baptiste Onofré, Julian Reschke, Andrea Cosentino, and Paul King.

Apache Project Announcements –the latest updates by category.

Build Management --
 - Apache Ant 1.10.6 released https://ant.apache.org/

Content --
 - Apache Jackrabbit 2.16.4 and 2.19.3 released http://jackrabbit.apache.org

Libraries --
 - Apache Olingo 4.6.0 released https://olingo.apache.org/

Network-Client --
 - Apache Qpid Proton-J 0.33.0 released http://qpid.apache.org

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon
 - Join us in Chicago: Apache Roadshow 13-14 May http://apachecon.com/chiroadshow19/ Learn the latest in AdTech, BigData, Community Diversity, FinTech, IoT, Machine Learning, "Made in Chicago" startups, Podling Shark Tank, and more!
 - ApacheCon CFPs + EARLY Registration OPEN: 1) North America/Las Vegas 9-12 September; 2) Europe/Berlin 22-24 October http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - The Apache® Software Foundation Expands Infrastructure with GitHub Integration https://s.apache.org/7lio
 - Apache and GitHub - a friendly PSA about awesomeness https://s.apache.org/Wkyw
 - 7M+ weekly checks yield uptime at 99.93%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 429 Apache contributors changed 937,836 lines of code over 2,640 commits. Top 5 contributors, in order, are: Andrea Cosentino, Jean-Baptiste Onofré, zhangduo, Ayush Saxena, and Chesnay Schepler.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Calcite Avatica 1.14.0 released https://calcite.apache.org/
 - Apache Drill 1.16.0 released https://drill.apache.org/

Build Management --
 - Apache Archiva 2.2.4 released http://archiva.apache.org/
 - CVE-2019-0213: Apache Archiva Stored XSS https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d@%3Cannounce.apache.org%3E
 - CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8@%3Cannounce.apache.org%3E

Content --
 - Apache UIMA-DUCC 3.0.0 released http://uima.apache.org/
 - CVE-2018-8035: Apache UIMA DUCC webserver cross-site scripting (XSS) vulnerability fix https://lists.apache.org/thread.html/e738e3c87df558d62615687d5a409033d24f792783a2f339ed447314@%3Cannounce.apache.org%3E

FinTech --
 - Apache Fineract 1.3.0 released http://fineract.apache.org/

Network-Client --
 - Apache Directory LDAP API 1.0.3 released http://directory.apache.org/
 - Apache MINA 2.1.2 released http://mina.apache.org

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - Countdown to Chicago: Apache Roadshow/Chicago 13-14 May. Join us! http://apachecon.com/chiroadshow19/
 - CFPs + REGISTRATION OPEN for both ApacheCons: 1) North America/Las Vegas 9-12 September; 2) Europe/Berlin 22-24 October http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield uptime at 99.93%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 417 Apache contributors changed 912,435 lines of code over 2,318 commits. Top 5 contributors, in order, are: Thomas D'Silva, zhangduo, Yuan Gao, Claus Ibsen, and Tilman Hausherr.

Apache Project Announcements –the latest updates by category.

Application Performance Monitor --
 - The Apache Software Foundation Announces Apache® SkyWalking™ as a Top-Level Project https://s.apache.org/6ji5

Big Data --
 - Apache Beam 2.12.0 released https://beam.apache.org/
 - Apache Geode 1.9.0 released https://geode.apache.org/

Development Environment --
 - The Apache Software Foundation Announces Apache® NetBeans™ as a Top-Level Project https://s.apache.org/OfIm

Identity Management --
 - Apache Syncope 2.0.13 and 2.1.4 released http://syncope.apache.org/

IoT/Edge Computing --
 - The Apache Software Foundation Announces Apache® PLC4X™ as a Top-Level Project https://s.apache.org/ABqy

Network-Client --
 - Apache Qpid Proton 0.27.1 released released http://qpid.apache.org
 - [CVE-2019-0223] Apache Qpid Proton TLS Man in the Middle Vulnerability https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0@%3Cannounce.apache.org%3E

Version Control --
 - Apache Subversion 1.12.0 released https://subversion.apache.org/

Web Frameworks --
 - [CVE-2019-0186] (Apache Portals) The input fields of the Chat Room demo are vulnerable to Cross-Site Scripting (XSS) attacks https://lists.apache.org/thread.html/f715aa08c3d3be766a52e627810bc59b3c4c9a858a710960a66e8919@%3Cannounce.apache.org%3E

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - REGISTRATION OPEN: Apache Roadshow/Chicago 13-14 May http://apachecon.com/chiroadshow19/
 - CFP + REGISTRATION OPEN for both ApacheCons: 1) North America/Las Vegas 9-12 September; 2) Europe/Berlin 22-24 October http://apachecon.com/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.85% uptime. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 438 Apache contributors changed 1,121,934 lines of code over 2,427 commits. Top 5 contributors, in order, are: Jan Piotrowski, wujimin, Qian Zhang, Andrea Cosentino, and Ash Berlin-Taylor.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Kylin 3.0.0-alpha released https://kylin.apache.org/
 - Apache Myriad (incubating) 0.3.0 released https://myriad.apache.org/
 - Apache UIMA uimaFIT 3.0.0 released http://uima.apache.org/

Build Management --
 - Apache Maven Version 3.6.1 released https://maven.apache.org/

Databases --
 - Apache Jackrabbit 2.18.1 as well as Jackrabbit Oak 1.6.17 and 1.12.0 released http://jackrabbit.apache.org/

Libraries --
 - Apache Commons Pool 2.6.2 released https://commons.apache.org/
 - Apache Commons Lang 3.9 released https://commons.apache.org/

Messaging --
 - Apache Pulsar 2.3.1 released http://pulsar.apache.org/

Microservices --
 - Apache ServiceComb Java-Chassis version 1.2.0 released http://servicecomb.apache.org/

Network-Client --
 - Apache MINA 2.0.21 and 2.1.1 released http://mina.apache.org/
 - [CVE-2019-0231] MINA SSLFilter security issue https://lists.apache.org/thread.html/8acbf44a72befe0cae16f22d77da2ee4231f1cb08e9d266e09594eae@%3Cannounce.apache.org%3E
 - Apache Qpid Dispatch 1.7.0 released http://qpid.apache.org

Servers --
 - Apache Tomcat 7.0.94, 8.5.40, and 9.0.19 released http://tomcat.apache.org/
 - Apache Traffic Control 3.0.1 released http://trafficcontrol.apache.org/

Web Frameworks --
 - Apache Wicket 9.0.0-M1 released http://wicket.apache.org/

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - REGISTRATION OPEN: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP + EARLY REG OPEN for both ApacheCon North America 9-12 September in Las Vegas and ApacheCon Europe 22-24 October in Berlin http://apachecon.com/ --content categories include Big Data, Community, Geospatial, Graphs, Integration, IoT, Machine Learning, Observability, Open Design, and more!

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield stunning 100% uptime! Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 444 Apache contributors changed 1,057,059 lines of code over 2,526 commits. Top 5 contributors, in order, are: Andrea Cosentino, Tilman Hausherr, Zhang Duo, Mark Thomas, and Pedro Boado.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache BookKeeper 4.9.1 released http://bookkeeper.apache.org/
 - Apache Flink 1.8.0 released https://flink.apache.org/
 - Apache NiFi 1.9.2 released https://nifi.apache.org/

Content --
 - Apache PDFBox 2.0.15 released http://pdfbox.apache.org/
 - Apache POI 4.1.0 released https://poi.apache.org/
 - Apache UIMA 3.0.2 released http://uima.apache.org/

Libraries --
 - Apache Portable Runtime APR 1.7.0 released http://apr.apache.org/
 - Apache HttpComponents Client 5.0 beta4 released http://hc.apache.org/

Microservices --
 - Apache ServiceComb Pack version 0.4.0 released http://servicecomb.apache.org/

Network-Client --
 - Apache OpenMeetings 5.0.0-M1 released https://openmeetings.apache.org/
 - Apache Qpid JMS 0.41.0 and Apache Qpid Broker-J 7.1.2 released http://qpid.apache.org

Operating Systems --
 - Apache Mynewt 1.6.0 and Apache NimBLE 1.1.0 released http://mynewt.apache.org/

Servers --
 - CVE-2019-0232 Apache Tomcat Remote Code Execution on Windows https://lists.apache.org/thread.html/4b002204ebf429142448c1998439b9a4cd1516388dec8dfa9054a5a8@%3Cannounce.apache.org%3E

Web Application Frameworks --
 - Apache Wicket 7.13.0 and 8.4.0 released https://wicket.apache.org

Did You Know?

 - Celebrating 20 Years Community-led Development "The Apache Way" https://s.apache.org/ASF20thAnniversary

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, bringing Tomorrow's Technology Today since 1998.
 - The Apache® Software Foundation Announces Call for Presentations and Registration Open for ApacheCon, its Official Global Conference Series https://s.apache.org/67tH
 - Schedule live - join us! Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP + Registration Open: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - CFP + Registration Open: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.96% uptime. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 466 Apache contributors changed 840,932 lines of code over 2,547 commits. Top 5 contributors, in order, are: Akira Ajisaka, Zhang Duo, Matteo Merli, Colm O hEigeartaigh, and Ravindra Pesala.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Arrow 0.13.0 released http://arrow.apache.org/
 - Apache BookKeeper 4.8.2 released http://bookkeeper.apache.org/

Libraries --
 - Apache Velocity Engine 2.1 released https://velocity.apache.org/

Network-Client --
 - Apache HttpComponents Client 4.5.8 GA released http://hc.apache.org/
 - Apache Qpid Proton-J 0.32.0 released http://qpid.apache.org

Servers --
 - Apache HTTP Server 2.4.39 released http://httpd.apache.org/

Did You Know?

 - ASF Founders look back on 20 Years of the ASF https://blogs.apache.org/foundation/entry/our-founders-look-back-on

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - ApacheCon: Tomorrow's Technology Today since 1998 http://s.apache.org/ApacheCon

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP Open: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Registration OPEN: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.97% uptime. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 440 Apache contributors changed 1,112,262 lines of code over 2,920 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Eric Barnhill, Ash Berlin-Taylor, Bryan Call, Andrea Cosentino.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Calcite 1.19.0 released http://calcite.apache.org/
 - Apache Kafka 2.2.0 released http://kafka.apache.org/
 - Apache NiFi MiNiFi C++ 0.6.0 released https://nifi.apache.org/
 - [CVE-2019-0212] Apache HBase REST Server incorrect user authorization https://lists.apache.org/thread.html/37882b94a35fa485399c06d6ab44c7375993e7485dd8f04ba2861fcb@%3Cannounce.apache.org%3E
 - Apache Impala 3.2.0 released https://impala.apache.org/

Content --
 - Apache JSPWiki 2.11.0.M3 released http://jspwiki.apache.org/
 - [CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability https://lists.apache.org/thread.html/1d494bff07ab9e710de58e8f58bd95cd8c28b49c3c2ca9c1e1e4ad35@%3Cannounce.apache.org%3E
 - [CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure https://lists.apache.org/thread.html/03ddbcb1d6322e04734e65805a147a32bcfdb71b8fc5821fb046ba8d@%3Cannounce.apache.org%3E

Libraries --
 - Apache Commons BCEL 6.3.1 released https://commons.apache.org/

Servers --
 - Apache Tomcat [SECURITY] CVE-2019-0199 Apache Tomcat HTTP/2 DoS https://lists.apache.org/thread.html/d337df7cd1a3f88a8a626ddae03724a2568d0f91e5e4dc12bfa01731@%3Cannounce.apache.org%3E

Did You Know?

 - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 - Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

[click for "ASF at 20" promo https://s.apache.org/ASF20]

World's largest Open Source foundation provides $20B+ worth of software for the public good at 100% no cost; Apache software used in every Internet-connected country on the planet.

Wakefield, MA —26 March 2019— The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 20th Anniversary, celebrating "The Apache Way" of community-driven development as the key to its success.

The world's largest Open Source foundation is home to dozens of freely-available (no cost), enterprise-grade Apache projects that serve as the backbone for some of the most visible and widely used applications. The ubiquity of Apache software is undeniable, with Apache projects managing exabytes of data, executing teraflops of operations, and storing billions of objects in virtually every industry. Apache software is an integral part of nearly every end user computing device, from laptops to tablets to phones.

"What started before the term 'Open Source' was coined has now grown to support hundreds of projects, thousands of contributors and millions of users," said Phil Steitz, Chairman of The Apache Software Foundation. "The Apache Way has shown itself to be incredibly resilient in the wake of the many changes in software and technology over the last twenty years. As the business and technology ecosystems around our projects have grown, our community-based open development model has evolved but remained true to the core principles established in the early days of the Foundation. We remain committed to the simple idea that open, community-led development produces great software and when you make that software freely available with no restrictions on how it can be used or integrated, the communities that develop it get stronger. The resulting virtuous cycle has been profoundly impactful on the software industry as a whole and on those of us who have had the good fortune of volunteering here. When we celebrate fifty years, I am sure that we will say the same thing."

Software for the Public Good
In 1999, 21 founders, including original members of the Apache Group (creators of the Apache HTTP Server; the World's most popular Web server since 1996) formed The Apache Software Foundation to provide software for the public good. The ASF's flagship project, the Apache HTTP Server, continues development under the auspices of the ASF, and has grown to serve more than 80 million Websites worldwide.

"The most successful revolutions are those birthed by Passion and Necessity. What keeps them going are Communities," said ASF co-founder Jim Jagielski. "Congratulations to the ASF and to everyone who has had a hand, large and small, in making it into who and what we are today."

The Apache Way
The open, community-driven process behind the development of the Apache HTTP Server formed the model adopted by future Apache projects as well as emulated by other Open Source foundations. Dubbed "The Apache Way", the principles underlying the ASF embrace:

• Earned Authority: all individuals are given the opportunity to participate, and their influence is based on publicly-earned merit – what they contribute to the community. Merit lies with the individual, does not expire, is not influenced by employment status or employer, and is non-transferable.
  
  
• Community of Peers: participation at the ASF is done through individuals, not organizations. Its flat structure dictates that the Apache community is respectful of each other, roles are equal, votes hold equal weight, and contributors are doing so on a volunteer basis (even if paid to work on Apache code).
  
  
• Open Communications: as a virtual organization, the ASF requires all communications be made online, via email. Most Apache lists are archived and publicly accessible to ensure asynchronous collaboration, as required by a globally-distributed community.
  
  
• Consensus Decision Making: Apache Projects are auto-governing with a heavy slant towards driving consensus to maintain momentum and productivity. Whilst total consensus is not possible to establish at all times, holding a vote or other coordination may be required to help remove any blocks with binding decisions.
  
  
• Responsible Oversight: the ASF governance model is based on trust and delegated oversight, with self-governing projects providing reports directly to the Board. Apache Committers help each other by making peer-reviewed commits, employing mandatory security measures, ensuring license compliance, and protecting the Apache brand and community at-large from abuse.

The ASF is strictly vendor neutral. No organization is able to gain special privileges or control a project's direction, irrespective of employing staff to work on Apache projects or sponsorship status.

The ASF Today
Behind the ASF is an all-volunteer community comprising 730 individual Members and 7,000 Committers stewarding 200M+ lines of code that benefit billions of users worldwide. 

Lauded as one of the industry's most influential communities, the ASF develops and incubates 350+ Open Source projects and initiatives that are made available to the public-at-large at 100% no cost. The ASF has become an invaluable resource for users and developers alike, drawing 35M page views per week across http://apache.org/ ; 9M+ source code downloads from Apache mirrors (excluding convenience binaries), and Web requests received from every Internet-connected country on the planet.

"Over the past two decades, few institutions have been as important for the advancement and growth of Open Source as The Apache Software Foundation," said Stephen O'Grady, Principal Analyst with RedMonk. "By providing a neutral environment for developers from diverse backgrounds to work together, the ASF has played a pivotal role in the history of Open Source, and appears poised to continue in this role for the next decade."

All-Volunteer Community
The membership-based, not-for-profit charitable organization ensures that Apache projects continue to exist beyond the participation of individual volunteers by building diverse communities that develop and support software.

At the ASF, all software development and project leadership is executed entirely by volunteers. The ASF Board and officers are all volunteers. The ASF does not pay for development: thousands of committed individuals help make a difference to the lives of billions of people by ensuring that Apache software remains accessible to all.

The Apache maxim "Community Over Code" underscores that a healthy community is far more important than good code. In the event that the code would dematerialize, a strong community could rewrite it; however, if a community is unhealthy, the code will eventually fail as well.

The merit-driven "Contributor-Committer-Member" approach is the central governing process across the Apache ecosystem. The core Apache Group of 21 individuals grew with developers who contributed code, patches, or documentation. Some of these contributors were subsequently granted "Committer" status by the Membership, and provided access to: 1) commit (write) directly to the code repository, 2) vote on community-related decisions, and 3) propose an active user for Committership. Those Committers who demonstrate merit in the Foundation's growth, evolution, and progress are nominated for ASF Membership by existing members.

Powered by Apache

Apache software is used in every Internet-connected country on the planet. Apache projects serve as the backbone for some of the world’s most visible and widely used applications in Artificial Intelligence and Deep Learning, Big Data, build management, Cloud Computing, content management, DevOps, IoT and Edge computing, mobile, servers, and Web frameworks, among many other categories. Examples of the breadth of applications that are "Powered by Apache" include:

• Panama Papers: library, search, and document management tools used in the 2.6TB Pulitzer Prize-winning investigation;
  
  
• US Federal Aviation Administration: system-wide information management to enable every airplane take off and land in US airspace;
  
  
• Netflix: data ingestion pipeline and stream processing 3 trillion events each day;
  
  
• Uber: handling 1M writes per second for 99.99% availability to users and drivers;
  
  
• Mobile app developers: unifying mobile application development across Blackberry, Android, Windows Mobile, Windows Phone, and iOS operating systems;
  
  
• Facebook: processing requests at 300-petabyte data warehouse, connecting 2B+ active users;
  
  
• NASA Jet Propulsion Laboratory: accessing content across multi-mission, multi-instrument science data systems;
  
  
• Global Biodiversity Information Facility: managing 1B+ occurrence records for open access to data about all types of life on Earth;
  
  
• European Space Agency: powering new mission control system and next-generation simulators infrastructure;
  
  
• Adobe: powering I/O Runtime and the core of Experience Manager;
  
  
• IBM Watson: advancing data intelligence and semantics capabilities to win first-ever "Man vs. Machine" competition on Jeopardy!
  
  
• Boston Children's Hospital: linking phenotypic and genomic data for the Precision Link Biobank
  
  
• Target.com: driving $1B+ in revenue through Big Data optimization;
  
  
• AOL: ingesting 20TB+ of data per day;
  
  
• Minecraft: bundling libraries to modify the second most popular video game of all time;
  
  
• Novopay: serving as a transactional backbone to processes $80M+ each month;
  
  
• Formula 1, Audi, and Daimler: streaming data in vehicles in real time; 
  
  
• Twitter: processing and analyzing more than a Zettabyte of raw data through 200B+ tweets annually;
  
  
• Pinterest: processing 800B+ daily events;
  
  
• Amazon Music: tuning recommendations for 16M+ subscribers; 
  
  
• NASA: powering Big Earth and Ocean Science data analytics; 

And, from Accumulo to Zipkin (incubating), more than six dozen Apache projects form the foundation of the $166B Big Data ecosystem.

Apache software is overseen by a self-selected team of active contributors to the project. A Project Management Committee (PMC) guides the Project's day-to-day operations, including community development and product releases.

The Code
Over the past two decades, 1,058,321,099 lines of Apache code were committed over 3,022,836 commits. The ASF codebase is conservatively valued at least $20B, using the COCOMO 2 model. All Apache software is released under the Apache License v2.0.

"If It Didn't Happen On-list...It Didn't Happen"
Since the ASF's founding, 351,067 authors sent 19,587,835 emails on 8,529,590 topics across 1,131 mailing lists.

Apache Incubator
The Apache Incubator is the entry path for projects and codebases wishing to become part of the efforts at The Apache Software Foundation. All code donations from external organizations and existing external projects enter through the Incubator to: 1) ensure all donations are in accordance with the ASF legal standards; and 2) develop new communities that adhere to our guiding principles. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects.

Since the ASF's founding, 199 projects have successfully graduated from the Apache Incubator. Today, 52 projects are in development, applying The Apache Way to innovations in annotation, Artificial Intelligence, Big Data, cryptography, data science, development environments, Edge and IoT, email; JavaEE, libraries,  Machine Learning, serverless computing, and many more categories.

"Wow, is it 20 years already? Congratulations to the ASF! I've always been a big believer and advocate of Open Source, but when we founded the ASF 20 years ago I certainly didn't expect *this* level of growth and success," said ASF co-founder Lars Eilebrecht. "I'm very proud that the ASF - despite many challenges - has remained true to its core values and the Apache Way of Open Source development. The ASF has had a very big and positive impact on the overall IT industry, and I'm certain that the industry and the Internet would look very different today without the ASF's involvement in the rise of Open Source!"

"Apache-style licensing may yield more adoption and money."
— Matt Asay, c|net

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - NEXT WEEK: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshowdc19/
 - CFP Extended: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP Open: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Registration OPEN: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.68% uptime. Check out our performance across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 461 Apache contributors changed 1,118,771 lines of code over 2,846 commits. Top 5 contributors, in order, are: Cassandra Targett, Ash Berlin-Taylor, Claus Ibsen, Andrea Cosentino, and Jonathan Hung.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Kylin 2.6.1 released https://kylin.apache.org/
 - Apache NiFi 1.9.1 released https://nifi.apache.org/

Build Management --
 - Apache Ant 1.9.14 released http://ant.apache.org/

Cloud Computing --
 - The Apache Software Foundation Announces Apache® CloudMonkey® v6.0 https://s.apache.org/aznB

Content --
 - Apache Jackrabbit Oak 1.10.2 released http://jackrabbit.apache.org/

Customer Data Platform --
 - The Apache Software Foundation Announces Apache® Unomi™ as a Top-Level Project https://s.apache.org/brS6

Search --
 - Apache Lucene 8.0.0 and Solr 8.0.0 released http://lucene.apache.org/

Servers --
 - Apache Tomcat 8.5.39 and  9.0.17 released http://tomcat.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

The Apache Way defines Open Source in terms of both a legal and a social framework for collaboration. It helps others understand what makes Open Source powerful and how participants are expected to behave. In this post we will examine The Apache Way in the context of the Foundation's mission:

Let's dissect this mission statement. 

"Provide Software for the Public Good"

Key points in this section: 

• We produce software that is non-excludable and non-rivalrous
  
  
• Use of the software in any context does not reduce its availability to others
  
  
• Users and contributors have no committed responsibility to the foundation, our projects or our communities
  
  
• Use of a license that conforms to the Open Source Definition is necessary but not sufficient to deliver on our mission 
  
  

Investopedia defines a public good as "a product that one individual can consume without reducing its availability to another individual, and from which no one is excluded." On the surface, this is a good definition for our use of the term. However, there is a nuance in our use. Our mission is not to produce "public goods" but to "provide software for the public good". 

To understand why this is important, one needs to think about what motivates the ASF to produce software that is a public good.

Open Source software can be digitally copied and reused in an unlimited number of ways. Every user can modify it for their specific needs. They can combine it with other software. They can design innovative new products and services using it and can make a living from the proceeds. This is all possible without impacting other people's use of the software. As such, the ASF produces software that can be used for the public good in many different ways.

To allow us to deliver on this part of the mission, it is critical that we adopt a license that uses the law to protect the software curated here at the Foundation. For us that license is the Apache License, Version 2. In addition, we adopt an inbound licensing policy that defines which licenses are allowable on software reused within Apache projects. This policy can be summarized as: 

• The license must meet the Open Source Definition (OSD).
  
  
• The license, as applied in practice, must not impose significant restrictions beyond those imposed by the Apache License 2.0.
  
  

This means that you can be assured that software curated by projects within The Apache Software Foundation is both a public good and for the public good. You can use Apache software for any purpose and you have no responsibility to the Foundation or the project to contribute back (though as addressed in the next section, it is often in your interests to do so). 

It is important to recognize that there are software projects out there that adopt our license but do not adopt our inbound licensing policy. Such projects may bring restrictions that are not covered by our license; therefore, it is important to carefully examine the licensing policies of these projects. Using the Apache License alone may not provide you with the same options a Foundation project provides. 

Apache projects are successful, in large part, because of our diligence with respect to clearly-defined licensing policies. Such diligence makes it much easier for downstream users to understand what they can and cannot do with Apache software. The Apache License is deliberately permissive to ensure that everyone has an opportunity to participate in Open Source within the ASF or elsewhere. Modifications of our license are allowed, but modified licenses are neither the Apache License nor affiliated with or endorsed by The Apache Software Foundation. No modified license can be represented as such. Modified licenses that use the Apache name are strictly disallowed, as they are both confusing to users and undermine the Apache brand.

While we recognize that there are many ways to license software, whether Open Source or otherwise, we assert that only projects that use both our license (unmodified) and our inbound licensing policy truly follow and adhere to The Apache Way. 

While an OSD-approved license and associated policies are necessary for successful Open Source production, they are not sufficient. They provide a legal framework for the production of Open Source, but they do not provide a social framework, which brings us to the second sentence of our mission:

"The mission of the Apache Software Foundation is to provide software for the public good. We do this by providing services and support for many like-minded software project communities of individuals who choose to contribute to Apache projects."

"Like-Minded Software Project Communities of Individuals"

Key points in this section: 

• The Apache Way provides a governance model designed to create a social framework for collaboration
  
  
• The Apache Software Foundation develops communities, and those communities develop software
  
  
• ASF project communities develop and reuse software components that in turn may be reused in products
  
  
• Users of ASF software often build products and services using our software components
  
  
• Our model, and others like it, have produced some of the largest and longest-lived Open Source projects that have literally revolutionized the industry 

There is a lot packed into these few words. It is an understanding of these words that makes the difference between software that is under an Open Source license and software that reaches sustainability through The Apache Way. These words underscore the fact that the Foundation does not directly produce software. That's right, The Apache Software Foundation, with upwards of $8Bn of software code, does not directly produce software. Rather than focus on software, we focus on the creation of and support of collaborative communities; the software is an intentional by-product. 

Our like-minded project communities come together because they share common problems that can be addressed in software. As the saying goes, "a problem shared is a problem halved". By bringing together individuals with their unique ideas and skills, we break down barriers to collaboration. 

The Apache Way is carefully crafted to create a social structure for collaboration, which complements the legal framework discussed above. Where the legal framework ensures an equal right to use the software, The Apache Way ensures an equal ability to contribute to the software. This is critically important to the long term sustainability of Open Source software projects. This social structure for collaboration is missing from many non-Apache projects, yet a robust social structure is invariably a key component in long-term successful projects outside of the ASF.

The Apache Way is fully inclusive, open, transparent and consensus-based. It promotes vendor neutrality to prevent undue influence (or control) from a single company. It ensures that any individual with a valuable contribution is empowered, and it seeks to assure that a project remains sustainable despite inevitable changes in community membership over time.

Apache projects typically produce software components that can be combined with other software (of any license) in different ways to solve different problems. This provides plenty of opportunity for participants to collaborate within a given software project independent of their relationship outside the Foundation. This is very different from the idea of licensing your product as a whole under an Open Source license. Our model offers more opportunities for reuse which, in turn, increase the pool of individuals likely to contribute to the project.

In addition, our merit-based system seeks to ensure that as people come and go, for whatever reason, there is always someone to take their place. As a result, some ubiquitous Apache projects have existed for over 20 years and helped commercialize the World Wide Web; while dozens of newer projects have defined industry segments such as Big Data and IoT (Internet of Things). 

A core tenet of The Apache Way is "Community Over Code", which encapsulates our deep belief that a healthy community is a far higher priority than good code. A strong community can always rectify a problem with the code, whereas an unhealthy community will likely struggle to maintain a codebase in a sustainable manner. Healthy communities ensure the Foundation has the stability to thrive for the next 20 years and beyond. Apache projects do not have the problem of scaling that others, who focus only on the legal frameworks of Open Source, suffer from. If you look around at projects that have grown up alongside the Apache projects, you will see a similar focus on scaling the governance model. This is no accident. 

Why this is Important

Software is a critical part of any modern economy. It touches every part of every life in the developed world, and is increasingly transforming everyday life, from womb to grave, everywhere.

At The Apache Software Foundation, we believe that every developer has their personal motivations for building software. We celebrate their right to choose when and how they build their software, including their right to use a non-open license. 

We will not dictate what is best for developers or for the software industry.

We care about the provision of software that enables our users, our contributors, and the general public to decide what is best for them.

We welcome you to use our software and contribute to our projects -- or not. It's up to you. 

We ask that you leave commercial interests at the door.

Countless organizations are proving that their team members who collaborate in a vendor-neutral environment often apply Open Innovation processes (such as The Apache Way) to their work. This helps create internal efficiencies and lays the groundwork for new external opportunities that may provide additional added benefits.

Bringing only your intention of contributing what best serves the greater Apache community reinforces trust in the people and projects behind the Apache brand, and helps us realize our mission of providing software for the public good. 

We learn together and work together to deliver the best software we can. 

Apache software is available for all.

The freedom to choose is what makes the Foundation and Apache projects so strong.

Summary

The software industry has changed and continues to change. The ways software is delivered to end users have changed. Some of the leaders in our industry have retired and new leaders have emerged. But some things have not changed. Our model of collaborative software development, through a combination of a licensing and social framework, remains one of the most successful models of software production.

Increasing the number of users, even those who do not contribute to code, should be seen as a benefit, not a problem, in Open Source. More users present an opportunity. At Apache, more users means more success since they are our future contributors.

As a US 501(c)(3) public charitable organization, The Apache Software Foundation helps individuals and organizations understand how Open Source at scale works in a highly competitive market. For more than two decades our focus has not been on producing software, but rather mentoring communities who produce software. The Apache Way advances sustainable Open Source communities: everything we do is Open Source so all kinds of users can benefit from our experience. Apache is for everyone.

# # #

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshowdc19/
 - Join us + CFP EXTENDED: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP OPEN! ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - REGISTRATION OPEN: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.99% uptime. Go Mighty Infra! Four nines! http://www.apache.org/uptime/

Apache Code Snapshot –this week, 485 Apache contributors changed 997,317 lines of code over 2,726 commits. Top 5 contributors, in order, are: Andrea Cosentino, Guanghao Zhang, Claus Ibsen, Fabio Utzig, and Jean-Baptiste Onofré.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache CouchDB 2.3.1 released https://couchdb.apache.org/

Content --
 - Apache JSPWiki 2.11.0.M2 released http://jspwiki.apache.org/

Databases --
 - Apache Derby 10.15.1.3 released https://db.apache.org/

IoT --
 - Apache PLC4X (incubating) 0.3.1 released http://plc4x.apache.org

Network-Server --
 - Apache MINA 2.0.20 released http://mina.apache.org/

Search --
 - Apache Solr Reference Guide 7.7 released https://lucene.apache.org/solr/guide/7_7

Testing --
 - Apache JMeter 5.1.1 released https://jmeter.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - MEDIA ALERT: The Apache Software Foundation to present on Apache software projects in government, cybersecurity, and more at Roadshow and Open Source Job Fair at George Mason University https://s.apache.org/oGww
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshowdc19/
 - Join us: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/
 - CFP OPEN! ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Save the Date: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.90% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 512 Apache contributors changed 947,385 lines of code over 3,146 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Ash Berlin-Taylor, Iñigo Goiri, Claus Ibsen, Eric Barnhill.

Apache Project Announcements –the latest updates by category.

Content --
 - Apache Any23 2.3 released http://any23.apache.org/

Databases --
 - Apache Jackrabbit 2.8.10 released http://jackrabbit.apache.org/
 - Apache Curator 4.2.0 released http://curator.apache.org

HTTP --
 - HttpComponents Core 5.0 beta7 released http://hc.apache.org/

Library --
- Apache MXNet (incubating) 1.4.0 released http://mxnet.incubator.apache.org/

Messaging --
 - Apache Pulsar 2.3.0 released https://pulsar.apache.org/

Network-Server --
 - Apache Lucene CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache Solr http://mail-archives.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E
 - Apache Tomcat 7.0.93 released http://tomcat.apache.org/

Testing --
 - CVE-2019-0187: Apache JMeter Missing client auth for RMI connection when distributed test is used http://mail-archives.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAH9fUpaUQaFbgY1Zh4OvKSL4wdvGAmVt%2Bn4fegibDoAxK5XARw%40mail.gmail.com%3E

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA

ApacheCon™ –the ASF's official global conference series, now in its 21st year.
 - Join us: Apache Roadshow/DC and Open Source Career Fair 25 March 2019 http://www.apachecon.com/usroadshow18/
 - Join us: Apache Roadshow/Chicago 13-14 May 2019 http://apachecon.com/chiroadshow19/index.html
 - Save the Date: ApacheCon North America 9-13 September in Las Vegas http://apachecon.com/
 - Save the Date: ApacheCon Europe 22-24 October in Berlin http://www.apachecon.com/aceu19/

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield 99.93% uptime. http://www.apache.org/uptime/

Apache Code Snapshot –this week, 493 Apache contributors changed 1,098,430 lines of code over 2,927 commits. Top 5 contributors, in order, are: Vishal Suvagia, Andrea Cosentino, Tzu-Li Tai, Zhang Duo, and Claus Ibsen.

Apache Project Announcements –the latest updates by category.

Big Data --
 - Apache Trafodion 2.3.0 released https://trafodion.apache.org/

Content --
 - Apache UIMA Ruta 2.7.0 released http://uima.apache.org/
 - Apache PDFBox 2.0.14 released http://pdfbox.apache.org/

Databases --
 - Apache Jackrabbit Oak 1.10.1 released http://jackrabbit.apache.org/

 Library --
- Apache Daffodil (incubating) 2.3.0 https://daffodil.apache.org/

Messaging --
 - Apache Pulsar 2.3.0 released https://pulsar.apache.org/

Network-Server --
 - Apache Tomcat 7.0.93 released http://tomcat.apache.org/

Did You Know?

 - Apache in 2018 - By The Digits https://s.apache.org/Apache2018Digits

 - ASF Operations Summary: Q2 FY2019 https://s.apache.org/d2Fq

 - ASF Annual Report for FY2018 https://s.apache.org/FY2018AnnualReport

 - The Apache Software Foundation 2018 Vision Statement https://s.apache.org/zqC3

 - Foundation Statement –Apache Is Open. https://s.apache.org/PIRA