announce  

Messages by Date

• 2025/03/18 [ANNOUNCE] Apache CouchDB 3.4.3 released Jan Lehnardt
• 2025/03/16 [ANNOUNCE] Apache Arrow Go v18.2.0 Released Matt Topol
• 2025/03/16 [ANNOUNCE] Apache BVal 3.0.2 Markus Jung
• 2025/03/16 [ANNOUNCE] Apache Calcite 1.39.0 released Stamatis Zampetakis
• 2025/03/15 [ANNOUNCE] Apache James JSPF 1.0.5 released Rene Cordier
• 2025/03/15 [ANNOUNCE] Apache Geronimo Java Mail 2.1_1.0.1 Francois Papon
• 2025/03/15 [ANN] Apache Maven Daemon 2.0.0-rc-3 released Guillaume Nodet
• 2025/03/14 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 4.2.1 released David Jensen
• 2025/03/14 [ANNOUNCE] Apache Pulsar Helm Chart version 4.0.0 Released Lari Hotari
• 2025/03/14 [ANN] Apache Maven 4.0.0-rc-3 released Guillaume Nodet
• 2025/03/13 [ANNOUNCE] Apache Airflow Providers prepared on March 09, 2025 are released Elad Kalif
• 2025/03/13 [ANNOUNCE] Apache James JDKIM 0.4 released Rene Cordier
• 2025/03/12 FELIX-6753: CVE-2025-27867: Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin Carsten Ziegeler
• 2025/03/12 CVE-2025-29891: Apache Camel: Camel Message Header Injection through request parameters Andrea Cosentino
• 2025/03/12 [ANNOUNCE] Apache Pulsar Node.js client 1.13.1 released Baodi Shi
• 2025/03/12 [ANNOUNCE] Apache Solr 9.8.1 released Houston Putman
• 2025/03/11 [ANN] Apache Syncope 4.0.0-M1 Francesco Chicchiriccò
• 2025/03/11 [SECURITY] CVE-2025-24813 Potential RCE and/or information disclosure and/or information corruption with partial PUT Mark Thomas
• 2025/03/11 [ANN] Apache Syncope 3.0.11 Francesco Chicchiriccò
• 2025/03/11 [ANN] Apache ActiveMQ Classic 5.19.0 has been released! Jean-Baptiste Onofré
• 2025/03/11 CVE-2025-27017: Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record Pierre Villard
• 2025/03/11 [ANNOUNCE] Apache NiFi 2.3.0 Released Pierre Villard
• 2025/03/10 [ANN] Apache ActiveMQ Classic 6.1.6 has been released! Jean-Baptiste Onofré
• 2025/03/09 Fwd: Announcing Fineract Release 1.11.0 James Dailey
• 2025/03/09 [ANNOUNCE] Apache Camel 3.22.4 (LTS) Released Gregor Zurowski
• 2025/03/09 [ANNOUNCE] Apache Camel 4.10.2 (LTS) Released Gregor Zurowski
• 2025/03/09 CVE-2025-27636: Apache Camel: Camel Message Header Injection via Improper Filtering Andrea Cosentino
• 2025/03/08 [ANNOUNCE] Apache Pulsar Client Python 3.6.1 released Yunze Xu
• 2025/03/08 [ANNOUNCE] Apache Camel 4.8.5 (LTS) Released Gregor Zurowski
• 2025/03/07 CVE-2025-26865: Apache OFBiz: Server-Side Template Injection affecting the ecommerce plugin leading to possible RCE Jacques Le Roux
• 2025/03/07 [ANNOUNCE] Apache OFBiz 18.12.18 released Jacopo Cappellato
• 2025/03/07 [ANNOUNCE] Apache Pekko Projection 1.1.0 released PJ Fanning
• 2025/03/06 [ANNOUNCE] Apache Arrow ADBC 17 Released David Li
• 2025/03/06 [ANNOUNCE] Apache Curator 5.8.0 released tison
• 2025/03/06 [ANN] Apache Tomcat 9.0.102 available Rémy Maucherat
• 2025/03/06 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 4.2.0 released David Jensen
• 2025/03/05 [ANNOUNCE] Apache Traffic Server 10.0.4 Release Chris McFarlen
• 2025/03/05 [ANN] Apache Struts 6.7.4 Lukasz Lenart
• 2025/03/05 [ANNOUNCE] Apache Calcite Avatica Go 5.4.0 released Francis Chuang
• 2025/03/05 [ANNOUNCE] Apache Pulsar Node.js client 1.13.0 released Baodi Shi
• 2025/03/04 [ANNOUNCE] Apache Camel 4.10.1 (LTS) Released Gregor Zurowski
• 2025/03/04 [ANNOUNCE] Apache Camel 4.8.4 (LTS) Released Gregor Zurowski
• 2025/03/04 [ANNOUNCE] Apache Impala 4.5.0 release Peter Rozsa
• 2025/03/03 [ANNOUNCEMENT] Apache CloudStack 4.19.2.0 release Daan Hoogland
• 2025/03/03 CVE-2024-55532: Apache Ranger: Improper Neutralization of Formula Elements in a CSV File Velmurugan Periasamy
• 2025/03/03 CVE-2024-24778: Apache StreamPipes: Resources Permission Escalation Philipp Zehnder
• 2025/03/03 [ANN] Apache Struts 7.0.3 Lukasz Lenart
• 2025/03/01 [ANNOUNCE] Apache log4cxx 1.4.0 released Stephen Webb
• 2025/02/28 [ANNOUNCE] Apache Gluten (Incubating) 1.2.0 available WeitingChen
• 2025/02/28 [ANNOUNCE] Apache Qpid Broker-J 9.2.1 released Tomas Vavricka
• 2025/02/28 [ANNOUNCE] Apache Gluten (Incubating) 1.3.0 available WeitingChen
• 2025/02/27 [ANNOUNCE] Apache Pulsar 3.3.5 released Lari Hotari
• 2025/02/27 [ANNOUNCE] Apache Doris 3.0.4 release ChenMingyu
• 2025/02/27 [ANNOUNCE] Apache Groovy 4.0.26 Released Paul King
• 2025/02/27 [ANNOUNCE] Apache Pulsar 4.0.3 released Lari Hotari
• 2025/02/27 [ANNOUNCE]] Apache Groovy 3.0.24 Released Paul King
• 2025/02/27 [ANNOUNCE] Apache Pulsar 3.0.10 released Lari Hotari
• 2025/02/27 [ANNOUNCE] Apache Gluten (Incubating) 1.2.1 available WeitingChen
• 2025/02/27 CVE-2025-27531: Apache InLong: An arbitrary file read vulnerability for JDBC Charles Zhang
• 2025/02/26 [ANNOUNCE] Release Apache Hop 2.12.0 Bart Maertens
• 2025/02/26 [ANNOUNCE] Apache Airflow Providers prepared on February 21, 2025 are released Elad Kalif
• 2025/02/25 [ANNOUNCE] Apache MINA SSHD 2.15.0 released Guillaume Nodet
• 2025/02/25 [ANNOUNCE] Apache Ignite 3.0 released Pavel Tupitsyn
• 2025/02/24 [ANNOUNCEMENT] Apache SkyWalking Satellite 1.3.0 Released han liu
• 2025/02/24 [ANNOUNCE] Apache Calcite Avatica 1.26.0 Released Francis Chuang
• 2025/02/22 [ANNOUNCE] Apache HBase 2.6.2 is now available for download Duo Zhang
• 2025/02/21 [ANNOUNCE] Apache NetBeans 25 Released Eric Barboni
• 2025/02/20 [ANNOUNCE] Apache Arrow Java 18.2.0 released Jean-Baptiste Onofré
• 2025/02/19 [ANNOUNCE] Apache Qpid proton-dotnet 1.0.0-M11 released Timothy Bish
• 2025/02/19 [ANNOUNCE] Apache Qpid protonj2 1.0.0-M23 released Timothy Bish
• 2025/02/19 [ANNOUNCE] Apache Arrow 19.0.1 released Bryce Mecum
• 2025/02/19 [ANNOUNCE] Apache Flink 1.19.2 released Alexander Fedulov
• 2025/02/19 [ANNOUNCE] Apache Flink 1.20.1 released Alexander Fedulov
• 2025/02/19 [ANNOUNCE] Apache Qpid JMS 2.7.0 released Robbie Gemmell
• 2025/02/19 [ANNOUNCE] Apache Qpid JMS 1.13.0 released Robbie Gemmell
• 2025/02/19 Apache StreamPipes 0.97.0 Philipp Zehnder
• 2025/02/19 [ANN] Apache Apache Maven Clean Plugin 3.4.1 Released Slawomir Jaranowski
• 2025/02/17 [ANNOUNCEMENT] HttpComponents Client 5.5 alpha1 Released Oleg Kalnichevski
• 2025/02/17 [ANNOUNCE] Apache Pekko (Core) 1.2.0-M1 released PJ Fanning
• 2025/02/17 [ANN] Apache Tomcat 9.0.100 available Rémy Maucherat
• 2025/02/17 [ANNOUNCE] Apache Ranger 2.6.0 released Madhan Neethiraj
• 2025/02/17 [ANNOUNCE] Apache IoTDB 2.0.1-beta released Haonan Hou
• 2025/02/17 [ANNOUNCE] Apache IoTDB 2.0.1-beta released Haonan Hou
• 2025/02/17 [ANN] Apache Tomcat 11.0.4 Available Mark Thomas
• 2025/02/14 [ANNOUNCE] Apache Commons VFS Project 2.10.0 Gary Gregory
• 2025/02/14 Apache WSS4J 4.0.0 released Colm O hEigeartaigh
• 2025/02/14 [ANNOUNCE] Apache Ignite 2.17.0 Released Nikita Amelchev
• 2025/02/14 CVE-2024-56180: Apache EventMesh: raft Hessian Deserialization Vulnerability allowing remote code execution Xue Weiming
• 2025/02/13 CVE-2024-52577: Apache Ignite: Possible RCE when deserializing incoming messages by the server node Nikita Amelchev
• 2025/02/13 [ANNOUNCE] Apache Commons BeanUtils 1.10.1 Gary Gregory
• 2025/02/13 [ANNOUNCE] Apache Jackrabbit Oak 1.76.0 released Julian Reschke
• 2025/02/12 CVE-2024-46910: Apache Atlas: An authenticated user can perform XSS and potentially impersonate another user Madhan Neethiraj
• 2025/02/12 [ANNOUNCE] Apache ManifoldCF SDK 1.0.2 released Piergiorgio Lucidi
• 2025/02/12 CVE-2024-32838: Apache Fineract: SQL injection vulnerabilities in offices API endpoint Arnout Engelen
• 2025/02/11 [ANNOUNCE] Apache flink-connector-hive 3.0.0 released Sergey Nuyanzin
• 2025/02/11 CVE-2025-26467: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions (4.0.16 only) Paulo Motta
• 2025/02/11 [ANNOUNCE] Apache Camel 4.10.0 (LTS) Released Gregor Zurowski
• 2025/02/10 [ANNOUNCE] Apache Hudi 1.0.1 released Sivabalan
• 2025/02/10 Re: CVE-2025-23015: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions Paulo Motta
• 2025/02/10 [ANN] Apache Tomcat 11.0.3 Available Mark Thomas
• 2025/02/10 [ANN] Apache Tomcat 9.0.99 available Rémy Maucherat
• 2025/02/10 [ANNOUNCE] Apache Airflow 2.10.5 Released Utkarsh Sharma
• 2025/02/10 [ANNOUNCE] Apache TsFile 2.0.1 released Haonan Hou
• 2025/02/09 FELIX-6751: CVE-2025-25247: Apache Felix Webconsole: XSS in services console Carsten Ziegeler
• 2025/02/09 [ANNOUNCE] Apache Airflow Providers prepared on February 04, 2025 Jarek Potiuk
• 2025/02/09 [ANNOUNCE] Apache Zeppelin 0.12.0 available Jongyoul Lee
• 2025/02/08 [ANNOUNCE] Apache Commons Logging 1.3.5 Gary Gregory
• 2025/02/07 CVE-2025-25069: Apache Kvrocks: Cross-Protocol Scripting Vulnerability Mingyang Liu
• 2025/02/07 [ANNOUNCE] Release Apache OpenDAL v0.51.2 tison
• 2025/02/06 [ANNOUNCE] Apache Tika 2.9.3 released Tim Allison
• 2025/02/05 [ANNOUNCE] Apache NiFi MiNiFi C++ 0.99.1 release Marton Szasz
• 2025/02/05 [ANNOUNCE] Apache James 3.7.6 released Benoit TELLIER
• 2025/02/05 [ANNOUNCE] Apache James 3.8.2 released Benoit TELLIER
• 2025/02/05 CVE-2024-45626: Apache James: denial of service through JMAP HTML to text conversion Benoit Tellier
• 2025/02/05 CVE-2024-37358: Apache James: denial of service through the use of IMAP literals Benoit Tellier
• 2025/02/05 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 4.1.0 released David Jensen
• 2025/02/04 CVE-2024-48019: Apache Doris: allows admin users to read arbitrary files through the REST API Mingyu Chen
• 2025/02/03 CVE-2025-24860: Apache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions Paulo Motta
• 2025/02/03 CVE-2025-23015: Apache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions Paulo Motta
• 2025/02/03 CVE-2024-27137: Apache Cassandra: unrestricted deserialization of JMX authentication credentials Paulo Motta
• 2025/02/03 [ANNOUNCEMENT] HttpComponents Client 5.4.2 GA Released Oleg Kalnichevski
• 2025/02/03 [ANNOUNCE] Apache YuniKorn v1.6.1 released Wilfred Spiegelenburg
• 2025/02/02 [ANNOUNCE] Apache FtpServer 1.2.1 released Emmanuel Lecharny
• 2025/02/01 [ANNOUNCE] Apache Tika 3.1.0 released Tim Allison
• 2025/02/01 [ANNOUNCE] Apache Pulsar Helm Chart version 3.9.0 Released Lari Hotari
• 2025/02/01 [ANNOUNCE] Apache Wicket 8.17.0 released Andrea Del Bene
• 2025/02/01 [ANNOUNCE] Apache Traffic Server 10.0.3 Release Chris McFarlen
• 2025/01/30 [ANNOUNCE] Apache jclouds 2.7.0 released Andrew Gaul
• 2025/01/29 [ANNOUNCEMENT] HttpComponents Core 5.3.3 GA released Oleg Kalnichevski
• 2025/01/29 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 4.0.0 released David Jensen
• 2025/01/28 CVE-2024-29869: Apache Hive: Credentials file created with non restrictive permissions Ayush Saxena
• 2025/01/28 [ANNOUNCE] Apache Commons Codec 1.18.0 Gary Gregory
• 2025/01/28 [ANNOUNCE] Apache Commons Pool 2.12.1 Gary Gregory
• 2025/01/27 CVE-2024-23953: Apache Hive: Timing Attack Against Signature in LLAP util Ayush Saxena
• 2025/01/27 [ANNOUNCE] Apache NiFi 2.2.0 Released Pierre Villard
• 2025/01/27 [ANNOUNCE] Apache Wicket 9.20.0 released Andrea Del Bene
• 2025/01/27 [ANNOUNCE] Apache Dubbo Python 3.0.0b1 released Albumen Kevin
• 2025/01/27 [ANNOUNCE] Apache Airflow Providers prepared on January 26, 2025 are released Elad Kalif
• 2025/01/27 CVE-2025-24783: Apache Cocoon: continuations may not be private Arnout Engelen
• 2025/01/27 [ANNOUNCE] Apache Pulsar Client Python 3.6.0 released Yunze Xu
• 2025/01/26 [ANNOUNCE] Apache Dubbo Python 3.0.0b1 released Albumen Kevin
• 2025/01/26 [ANNOUNCE] Apache Gravitino (Incubating) 0.8.0 available Fanng
• 2025/01/26 [ANNOUNCE] Release Apache Kvrocks 2.11.0 Twice
• 2025/01/26 [ANNOUNCE] Apache Storm 2.8.0 Released Rui Abreu
• 2025/01/26 CVE-2024-52012: Apache Solr: Configset upload on Windows allows arbitrary path write-access Jason Gerlowski
• 2025/01/26 CVE-2025-24814: Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files Jason Gerlowski
• 2025/01/25 [ANNOUNCE] Apache Groovy 4.0.25 Released Paul King
• 2025/01/25 [ANNOUNCE] Apache Groovy 5.0.0-alpha-12 released Paul King
• 2025/01/24 [ANNOUNCE] Apache Wicket 10.4.0 released Andrea Del Bene
• 2025/01/24 [ANN] Apache ActiveMQ Classic 6.1.5 has been released! Jean-Baptiste Onofré
• 2025/01/24 [ANNOUNCE] Apache Arrow 19.0.0 released Bryce Mecum
• 2025/01/23 [ANNOUNCEMENT] Apache HTTP Server 2.4.63 Released jim
• 2025/01/23 [ANNOUNCE] Apache Solr 9.8.0 released Anshum Gupta
• 2025/01/23 [ANNOUNCE] Apache PDFBox 3.0.4 released Andreas Lehmkühler
• 2025/01/23 [ANNOUNCE] Apache bRPC 1.12.1 released Guangming Chen
• 2025/01/23 [ANNOUNCE] Apache Solr Operator v0.9.0 released Jason Gerlowski
• 2025/01/22 CVE-2024-53299: Apache Wicket: An attacker can intentionally trigger a memory leak Pedro Henrique Oliveira dos Santos
• 2025/01/22 [ANNOUNCE] Apache Camel 4.4.5 (LTS) Released Gregor Zurowski
• 2025/01/22 [ANNOUNCE] Apache TsFile 2.0.0 released Haonan Hou
• 2025/01/21 CVE-2024-51941: Apache Ambari: Remote Code Injection in Ambari Metrics and AMS Alerts Viraj Jasani
• 2025/01/21 CVE-2025-23196: Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition Viraj Jasani
• 2025/01/21 CVE-2025-23195: Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie Viraj Jasani
• 2025/01/21 CVE-2024-45479: Apache Ranger: SSRF in Edit Service page - Add logic to filter requests to localhost Velmurugan Periasamy
• 2025/01/21 CVE-2024-45478: Apache Ranger: Stored XSS in Edit Service page - Add logic to validate user input Velmurugan Periasamy
• 2025/01/21 [ANNOUNCE] Apache Daffodil 3.10.0 Released Josh Adams
• 2025/01/21 [ANNOUNCE] Apache Pekko Persistence Cassandra 1.1.0 released PJ Fanning
• 2025/01/21 [ANNOUNCE] Release Apache SeaTunnel 2.3.9 Lucifer Tyrant
• 2025/01/21 [ANNOUNCE] Apache Flink CDC 3.3.0 released Hang Ruan
• 2025/01/21 [ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.9 Mark Thomas
• 2025/01/20 [ANNOUNCE] Apache Arrow ADBC 16 Release David Li
• 2025/01/20 [ANNOUNCE] Apache Pulsar 4.0.2 released Lari Hotari
• 2025/01/20 CVE-2025-23184: Apache CXF: Denial of Service vulnerability with temporary files Colm O hEigeartaigh
• 2025/01/20 [ANNOUNCE] Apache Pulsar 3.0.9 released Lari Hotari
• 2025/01/20 [ANNOUNCE] Apache Pulsar 3.3.4 released Lari Hotari
• 2025/01/20 [ANNOUNCEMENT] Apache SkyWalking Ruby 0.1.0 Released Zixin Zhou
• 2025/01/20 [ANNOUNCE] Apache ShenYu 2.7.0 available Hongyu Liu
• 2025/01/18 [ANNOUNCE] Apache Commons BeanUtils 1.10.0 Gary Gregory
• 2025/01/18 [ANNOUNCE] Apache Commons BeanUtils 2.0.0-M1 (now with download link) Gary Gregory
• 2025/01/17 [ANN] Apache Sling 13 Released Stefan Seifert
• 2025/01/17 [ANNOUNCE] Release Apache InLong 2.1.0 黄文伟
• 2025/01/16 [ANNOUNCE] Apache ManifoldCF 2.28 released Piergiorgio Lucidi
• 2025/01/16 [ANNOUNCE] Apache PDFBox 2.0.33 released Andreas Lehmkühler
• 2025/01/16 [ANNOUNCE] Apache Pekko Connectors 1.1.0 released PJ Fanning
• 2025/01/16 [ANNOUNCE] Apache Jackrabbit Oak 1.74.0 released Julian Reschke
• 2025/01/15 [ANNOUNCE] Apache bRPC 1.12.0 released Guangming Chen
• 2025/01/14 [ANNOUNCE] Apache Pulsar Client C++ 3.7.0 released Yunze Xu
• 2025/01/14 [ANNOUNCE] Apache Arrow Go v18.1.0 Released David Li
• 2025/01/14 [ANNOUNCEMENT] HttpComponents Core 5.3.2 GA released Oleg Kalnichevski
• 2025/01/14 CVE-2024-45627: Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability Heping Wang
• 2025/01/13 CVE-2025-22828: Apache CloudStack: Unauthorised access to annotations Nux
• 2025/01/13 Apache Streams is now retired Hervé Boutemy
• 2025/01/12 [ANNOUNCE] Apache Camel 4.8.3 (LTS) Released Gregor Zurowski
• 2025/01/10 [ANNOUNCE] Apache OpenNLP 2.5.3 released Richard Zowalla
• 2025/01/10 [ANNOUNCE] Apache James MIME4J 0.8.12 released Benoit TELLIER
• 2025/01/09 [ANNOUNCE] Apache Pekko (Core) 1.1.3 released PJ Fanning
• 2025/01/09 [ANNOUNCE] Apache POI 5.4.0 release PJ Fanning
• 2025/01/09 [ANNOUNCE] Apache Linkis 1.7.0 available peacewong
• 2025/01/09 [ANNOUNCE] Apache Uniffle (Incubating) 0.9.2 available zhengchenyu
• 2025/01/08 CVE-2024-45033: Apache Airflow Fab Provider: Application does not invalidate session after password change via Airflow cli Elad Kalif
• 2025/01/07 CVE-2024-54676: Apache OpenMeetings: Deserialisation of untrusted data in cluster mode Maxim Solodovnik

• Earlier messages
• Later messages