announce

Messages by Date

2024/07/16 [ANNOUNCE] Apache Uniffle (Incubating) 0.9.0 available Enrico Minack
2024/07/16 [ANNOUNCE] Apache Commons Codec 1.17.1 Gary Gregory
2024/07/15 CVE-2023-52290: Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability Huajie Wang
2024/07/15 [ANNOUNCE] Apache Camel 4.7.0 Released Gregor Zurowski
2024/07/15 [ANN] Apache Tomcat 10.1.26 Available Christopher Schultz
2024/07/15 [ANNOUNCE] Apache Airflow Providers prepared on July 12, 2024 are released Elad Kalif
2024/07/15 [ANNOUNCE] Release Apache SkyWalking Client JS version 0.12.0 xue fan
2024/07/13 CVE-2023-49566: Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability Heping Wang
2024/07/13 CVE-2023-46801: Apache Linkis DataSource: Remote code execution vulnerability in apache Linkis 1.4.0 Heping Wang
2024/07/13 CVE-2023-41916: Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading Heping Wang
2024/07/12 [ANNOUNCE] Apache Airflow Providers prepared on July 09, 2024 are released Elad Kalif
2024/07/12 [ANNOUNCE] Apache Pekko Connectors 1.1.0-M1 released PJ Fanning
2024/07/12 [ANNOUNCE] Apache Jackrabbit Oak 1.66.0 released Julian Reschke
2024/07/12 CVE-2024-36522: Apache Wicket: Remote code execution via XSLT injection Martin Tzvetanov Grigorov
2024/07/09 [ANNOUNCE] Apache NiFi 1.27.0 Released David Handermann
2024/07/08 [ANNOUNCE] Apache Bigtop 3.3.0 released Masatake Iwasaki
2024/07/08 [ANNOUNCE] Apache Pulsar Node.js client 1.11.1 released Baodi Shi
2024/07/08 [ANN] Apache Causeway version 2.1.0 and 3.1.0 Released Dan Haywood
2024/07/08 [ANN] Apache Tomcat 9.0.91 available Rémy Maucherat
2024/07/07 CVE-2024-37389: Apache NiFi: Improper Neutralization of Input in Parameter Context Description David Handermann
2024/07/07 [ANNOUNCE] Release Apache OpenDAL 0.47.3 Xuanwo
2024/07/07 [SECURITY] CVE-2024-34750 Apache Tomcat - Denial of Service Mark Thomas
2024/07/05 [ANN] Apache Tomcat 11.0.0-M22 (beta) available Mark Thomas
2024/07/05 [ANNOUNCE] Apache CloudStack LTS Security Releases 4.18.2.1 and 4.19.0.2 Abhishek Kumar
2024/07/05 [ANNOUNCE] Apache Airflow Providers prepared on July 02, 2024 are released Jarek Potiuk
2024/07/05 [ANNOUNCE] Apache ServiceComb Java Chassis version 3.2.0 Released liubao
2024/07/05 [ANNOUNCE] Apache ServiceComb Java Chassis version 2.8.18 Released liubao
2024/07/05 [ANNOUNCE] Apache Arrow ADBC 13 released David Li
2024/07/04 [ANNOUNCE] Apache Commons Logging 1.3.3 Gary Gregory
2024/07/03 [ANNOUNCEMENT] Apache HTTP Server 2.4.61 Released covener
2024/07/03 CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType Eric Covener
2024/07/03 [ANNOUNCEMENT] HttpComponents Core 5.2.5 GA released Oleg Kalnichevski
2024/07/02 [ANNOUNCE] Release Apache OpenDAL 0.47.2 Xuanwo
2024/07/02 [ANNOUNCE] Apache POI 5.3.0 release PJ Fanning
2024/07/02 [ANNOUNCEMENT] Apache HTTP Server 2.4.60 Released covener
2024/07/01 [ANNOUNCE] Apache NiFi 2.0.0-M4 Released David Handermann
2024/07/01 CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution Eric Covener
2024/07/01 CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request Eric Covener
2024/07/01 CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect Eric Covener
2024/07/01 CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences Eric Covener
2024/07/01 CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. Eric Covener
2024/07/01 CVE-2024-38473: Apache HTTP Server proxy encoding problem Eric Covener
2024/07/01 CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF Eric Covener
2024/07/01 CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 Eric Covener
2024/07/01 [ANNOUNCE] Apache Kafka 3.7.1 Igor Soarez
2024/06/30 [ANNOUNCE] Apache IoTDB 1.3.2 released Haonan Hou
2024/06/30 [ANNOUNCE] Apache Commons Email Parent POM 2.0.0-M1 Gary Gregory
2024/06/30 [ANNOUNCE] Apache Groovy 5.0.0-alpha-9 Released Paul King
2024/06/30 [ANNOUNCE] Apache Groovy 4.0.22 Released Paul King
2024/06/30 [ANNOUNCE] Apache Groovy 3.0.22 Released Paul King
2024/06/29 [ANNOUNCE] Apache Doris 2.0.12 & 2.1.4 release ChenMingyu
2024/06/28 [ANNOUNCE] Apache Camel 4.4.3 (LTS) Released Gregor Zurowski
2024/06/27 [ANNOUNCE] Apache Lucene 9.11.1 released Ignacio Vera
2024/06/27 [ANNOUNCE] Apache Airflow Providers prepared on June 22, 2024 are released Elad Kalif
2024/06/27 [ANNOUNCEMENT] HttpComponents Client 5.4-beta1 Released Oleg Kalnichevski
2024/06/26 [ANNOUNCE] Apache BookKeeper 4.17.1 released ZhangJian He
2024/06/25 [ANNOUNCEMENT] HttpComponents Core 5.3-beta1 released Oleg Kalnichevski
2024/06/25 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.3.1 released David Jensen
2024/06/25 CVE-2024-27136: Apache JSPWiki: Cross-site scripting vulnerability on upload page Juan Pablo Santos Rodríguez
2024/06/24 [ANNOUNCE] Apache Pekko (Core) 1.0.3 released PJ Fanning
2024/06/24 Fwd: [ANNOUNCE] Apache MINA SSHD 2.13.1 released Guillaume Nodet
2024/06/23 [ANNOUNCE] Apache Drill 1.21.2 Released James Turton
2024/06/23 [ANNOUNCE] Apache Camel 3.21.5 (LTS) Released Gregor Zurowski
2024/06/22 CVE-2024-29868: Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation Dominik Riemer
2024/06/22 [ANNOUNCE] Apache Impala 3.4.2 release Quanlong Huang
2024/06/21 [ANNOUNCE] Apache Allura 1.17.1 released Dave Brondsema
2024/06/21 CVE-2024-38379: Apache Allura: Stored authenticated XSS David Philip Brondsema
2024/06/21 [ANNOUNCE] Release Apache OpenDAL v0.47.1 Xuanwo
2024/06/20 CVE-2024-34693: Apache Superset: Server arbitrary file read Daniel Gaspar
2024/06/19 [ANNOUNCE] Apache Pekko Connectors Kafka 1.1.0-M1 released PJ Fanning
2024/06/19 [ANN] Apache Tomcat 10.1.25 Available Christopher Schultz
2024/06/19 [ANNOUNCE] Apache Ant 1.9.x release series EOL Jaikiran Pai
2024/06/19 [ANN] Apache Tomcat 9.0.90 available Rémy Maucherat
2024/06/18 [ANNOUNCE] Apache SDAP 1.3.0 Released Riley Kuttruff
2024/06/18 [ANNOUNCE] Apache Commons Collections 4.5.0-M2 Gary Gregory
2024/06/18 [ANN] Apache Tomcat 11.0.0-M21 (beta) available Mark Thomas
2024/06/18 [ANNOUNCE] Apache Pekko Management 1.1.0-M1 released PJ Fanning
2024/06/18 [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.5.6 Chris Bono
2024/06/17 [ANNOUNCE] Apache StreamPipes 0.95.0 Dominik Riemer
2024/06/17 [ANNOUNCE] Apache James JSPF 1.0.4 released Benoit TELLIER
2024/06/17 [ANNOUNCE] Apache Wicket 8.16.0 released Andrea Del Bene
2024/06/15 [ANNOUNCE] Apache Curator 5.7.0 released tison
2024/06/14 [ANNOUNCE] Apache Daffodil 3.8.0 Released Mike Beckerle
2024/06/14 [ANNOUNCE] Apache Jackrabbit 2.22.0 released Julian Reschke
2024/06/13 CVE-2024-25142: Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache Jarek Potiuk
2024/06/12 CVE-2024-36265: Apache Submarine Server Core: authorization bypass Arnout Engelen
2024/06/12 CVE-2024-36264: Apache Submarine Commons Utils: default secret Arnout Engelen
2024/06/12 CVE-2024-36263: Apache Submarine Server Core: SQL injection Arnout Engelen
2024/06/11 [ANNOUNCE] Apache Pekko Persistence JDBC 1.1.0-M1 released PJ Fanning
2024/06/11 [ANNOUNCE] Apache Pekko gRPC 1.1.0-M1 released PJ Fanning
2024/06/10 [ANNOUNCE] Apache Commons Configuration 2.11.0 Gary Gregory
2024/06/10 [ANNOUNCE] Apache Commons Net 3.11.1 Gary Gregory
2024/06/10 [ANNOUNCE] Release Apache OpenDAL 0.47.0 tison
2024/06/10 [ANNOUNCE] Apache Allura 1.17.0 released Dave Brondsema
2024/06/10 CVE-2024-36471: Apache Allura: sensitive information exposure via DNS rebinding David Philip Brondsema
2024/06/10 [ANNOUNCE] Apache Airflow 2.9.2 Released Utkarsh Sharma
2024/06/10 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.3.0 released David Jensen
2024/06/09 [ANNOUNCE] Apache Airflow Providers prepared on June 07, 2024 are released Elad Kalif
2024/06/07 [ANNOUNCE] Apache Lucene 9.11.0 released Benjamin Trent
2024/06/06 [ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.2 Released liubao
2024/06/06 [ANNOUNCE] Apache Commons JEXL 3.4.0 Gary Gregory
2024/06/05 [ANNOUNCE] Apache Jackrabbit 2.21.27-beta released Julian Reschke
2024/06/05 [ANNOUNCE] Apache Commons JEXL 3.4.0 Gary Gregory
2024/06/04 [ANNOUNCE] Apache Pulsar Helm Chart version 3.4.1 Released Lari Hotari
2024/06/04 [ANNOUNCE] Apache NetBeans 22 released Eric Barboni
2024/06/03 [ANNOUNCE] Apache Commons JCS 3.2.1 Thomas Vandahl
2024/06/02 CVE-2024-36104: Apache OFBiz: Path traversal leading to a RCE Jacques Le Roux
2024/06/02 [ANNOUNCE] Apache Airflow Providers prepared on May 30, 2024 are released Elad Kalif
2024/06/02 [ANNOUNCE] Apache Kyuubi released 1.9.1 Cheng Pan
2024/06/02 [ANNOUNCE] Apache FreeMarker 2.3.33 is released Daniel Dekany
2024/06/02 [ANNOUNCE] Apache Wicket 9.18.0 released Andrea Del Bene
2024/06/02 [ANNOUNCE] Apache Wicket 10.1.0 released Andrea Del Bene
2024/05/31 [ANNOUNCE] Apache Commons Net 3.11.0 Gary Gregory
2024/05/31 [ANNOUNCE] Apache OFBiz 18.12.14 released Jacopo Cappellato
2024/05/30 [ANNOUNCE] Release Apache Hop 2.9.0 Bart Maertens
2024/05/30 [ANNOUNCE] Apache Airflow Providers prepared on May 26, 2024 are released Elad Kalif
2024/05/29 [ANNOUNCE] Apache Solr 9.6.1 released Houston Putman
2024/05/29 [ANNOUNCE] Apache Arrow nanoarrow 0.5.0 Released Dewey Dunnington
2024/05/27 [ANNOUNCE] Apache Jackrabbit Oak 1.64.0 released Julian Reschke
2024/05/27 [ANNOUNCE] Apache Pekko HTTP 1.1.0-M1 released PJ Fanning
2024/05/27 [ANNOUNCE] Apache XMLBeans 5.2.1 release PJ Fanning
2024/05/26 [ANN] Apache Maven 3.9.7 released Slawomir Jaranowski
2024/05/25 [ANNOUNCE] Apache Impala 4.4.0 release Zoltán Borók-Nagy
2024/05/25 [ANNOUNCE] Apache HBase 2.4.18 is now available for download Duo Zhang
2024/05/24 [ANNOUNCEMENT] Commons Daemon 1.4.0 Released Mark Thomas
2024/05/23 [ANNOUNCE] Apache Commons CLI Version 1.8.0 Gary Gregory
2024/05/23 [ANN] Apache Syncope 3.0.7 Francesco Chicchiriccò
2024/05/22 [ANNOUNCE] Apache YuniKorn v1.5.1 released Wilfred Spiegelenburg
2024/05/20 [ANNOUNCE] Apache Arrow ADBC 12 released David Li
2024/05/19 [ANNOUNCE] Hive 2.x EOL Ayush Saxena
2024/05/19 [ANNOUNCE] Apache Arrow 16.1.0 released Raúl Cumplido
2024/05/19 [ANNOUNCE] Apache Pekko 1.1.0-M1 released PJ Fanning
2024/05/18 [ANNOUNCE] Apache NiFi MiNiFi C++ 0.99.0 release Gábor Gyimesi
2024/05/18 [ANNOUNCE] Apache Sedona 1.6.0 released Jia Yu
2024/05/17 [ANNOUNCE] Apache Airflow Providers prepared on May 12, 2024 are released Elad Kalif
2024/05/17 [ANNOUNCE] Apache Pulsar 3.2.3 released Lari Hotari
2024/05/17 [ANNOUNCE] Apache Pulsar 3.0.5 released Lari Hotari
2024/05/17 [ANNOUNCE] Apache Flink CDC 3.1.0 released Qingsheng Ren
2024/05/17 [ANNOUNCE] Apache NiFi 2.0.0-M3 Released David Handermann
2024/05/16 [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.5.5 Chris Bono
2024/05/16 [ANNOUNCE] Apache StormCrawler (Incubating) 3.0 released Richard Zowalla
2024/05/15 [ANNOUNCE] Apache Commons Logging 1.3.2 Gary Gregory
2024/05/14 [ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.1 Released liubao
2024/05/14 CVE-2024-32077: Apache Airflow: XSS vulnerability in Task Instance Log/Log Details Ephraim Anierobi
2024/05/13 [ANN] Apache Tomcat 10.1.24 Available Christopher Schultz
2024/05/13 [ANNOUNCEMENT] Apache SkyWalking BanyanDB 0.6.0 Released Hongtao Gao
2024/05/13 [ANNOUNCE] Apache SkyWalking 10.0.0 released Sheng Wu
2024/05/13 [ANNOUNCE] Apache Jackrabbit 2.20.16 released Julian Reschke
2024/05/10 [ANNOUNCE] Apache Camel 4.6.0 Released Gregor Zurowski
2024/05/10 [ANNOUNCE] Apache Sedona 1.5.3 released Jia Yu
2024/05/08 CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access Arnout Engelen
2024/05/08 CVE-2024-26579: Apache Inlong JDBC Vulnerability Charles Zhang
2024/05/08 CVE-2024-32113: Apache OFBiz: Path traversal leading to RCE Jacques Le Roux
2024/05/08 [ANN] Apache Tomcat 11.0.0-M20 (alpha) available Mark Thomas
2024/05/07 [ANNOUNCE] Apache Sedona 1.5.2 released Jia Yu
2024/05/07 [ANN] Apache Tomcat 9.0.89 available Rémy Maucherat
2024/05/07 [ANNOUNCE] Apache SkyWalking BanyanDB Java Client 0.6.0 released Hongtao Gao
2024/05/07 [ANNOUNCE] Apache OFBiz 18.12.13 released Jacopo Cappellato
2024/05/07 CVE-2024-28148: Apache Superset: Incorrect datasource authorization on explore REST API Daniel Gaspar
2024/05/07 [ANNOUNCE] Apache Calcite 1.37.0 released Sergey Nuyanzin
2024/05/06 [ANNOUNCE] Apache Geronimo BatchEE 2.0.0 fpapon
2024/05/06 [ANNOUNCE] Apache Camel 3.22.2 (LTS) Released Gregor Zurowski
2024/05/06 [ANNOUNCE] Apache Airflow 2.9.1 Released Ephraim Anierobi
2024/05/06 [ANNOUNCE] Apache Airflow Providers prepared on May 01, 2024 are released Elad Kalif
2024/05/05 Apache Archiva is now retired Hervé Boutemy
2024/05/03 CVE-2023-35701: Apache Hive: Arbitrary command execution via JDBC driver Stamatis Zampetakis
2024/05/02 Apache Bahir is now retired Hervé Boutemy
2024/05/01 CVE-2024-32114: Apache ActiveMQ: Jolokia and REST API were not secured with default configuration Jean-Baptiste Onofré
2024/04/30 [ANNOUNCE] Apache Nutch 1.20 Release lewis john mcgibbney
2024/04/29 [ANNOUNCE] Apache Arrow 16.0.0 released Raúl Cumplido
2024/04/29 [ANNOUNCE] Apache APISIX 3.9.1 has been released Xin Rong
2024/04/29 [ANNOUNCE] Apache APISIX 3.8.1 has been released Xin Rong
2024/04/29 [ANN] Apache ActiveMQ Classic 6.1.2 has been released! Jean-Baptiste Onofré
2024/04/28 [ANNOUNCE] Apache Solr 9.6.0 released Gus Heck
2024/04/27 [ANNOUNCE] Apache Commons Codec 1.17.0 Gary Gregory
2024/04/27 [ANNOUNCE] Apache Commons BCEL Version 6.9.0 Gary Gregory
2024/04/26 [ANNOUNCE] Apache Kyuubi 1.8.2 is available Cheng Pan
2024/04/26 [ANNOUNCE] Apache Kyuubi 1.7.4 is available Cheng Pan
2024/04/26 [ANNOUNCE] Apache Camel 4.0.5 (LTS) Release Gregor Zurowski
2024/04/25 [ANNOUNCE] Apache bRPC 1.9.0 released Shuai Liu
2024/04/25 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.2.1 released David Jensen
2024/04/25 [ANNOUNCE] Apache Camel 4.4.2 (LTS) Released Gregor Zurowski
2024/04/25 [ANNOUNCE] OpenNLP 2.3.3 released Martin Wiesner
2024/04/25 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.2.1 released David Jensen
2024/04/25 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.2.1 released David Jensen
2024/04/24 [ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.2.1 released David Jensen
2024/04/22 CVE-2024-27349: Apache HugeGraph-Server: Bypass whitelist in Auth mode Imba Jin
2024/04/22 CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin Imba Jin
2024/04/22 [ANNOUNCE] Apache IoTDB 1.3.1 released Haonan Hou
2024/04/22 CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page Imba Jin
2024/04/21 [ANNOUNCE] Apache Airflow Providers prepared on April 16, 2024 are released Elad Kalif
2024/04/20 [ANNOUNCE] Apache Pulsar Helm Chart version 3.4.0 Released Lari Hotari
2024/04/20 [ANN] Apache Struts 6.4.0 Lukasz Lenart
2024/04/19 [ANNOUNCEMENT] Apache CloudStack LTS Maintenance Release 4.18.2.0 João Jandre
2024/04/19 CVE-2024-29733: Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context Elad Kalif
2024/04/18 [ANNOUNCE] Apache Pulsar Client Python 3.5.0 released Yunze Xu
2024/04/18 [ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.0 Released liubao
2024/04/18 [ANNOUNCE] Apache ServiceComb Java Chassis version 2.8.16 Released liubao
2024/04/18 CVE-2024-29217: Apache Answer: XSS vulnerability when changing personal website Enxin Xie
2024/04/18 [ANNOUNCE] Apache Commons Imaging 1.0.0-alpha5 Gary Gregory