Messages by Date
-
2023/02/19
[ANNOUNCE] Apache Guacamole 1.5.0
Michael Jumper
-
2023/02/17
[ANNOUNCE] MyFaces Core v4.0.0-RC5 Release
Volodymyr Siedlecki
-
2023/02/17
[ANNOUNCE] Apache Doris 1.2.2 release
ChenMingyu
-
2023/02/17
[ANNOUNCE] Apache Pulsar Client C++ 3.1.2 released
Yunze Xu
-
2023/02/15
[ANNOUNCE] Apache Arrow ADBC 0.2.0 Released
David Li
-
2023/02/15
CVE-2022-42735: Apache ShenYu Admin ultra vires
Zhang Yonglun
-
2023/02/14
CVE-2023-25141: JNDI injection into Apache sling-org-apache-sling-jcr-base
Angela Schreiber
-
2023/02/14
[ANNOUNCE] Apache OpenMeetings 7.0.0 is released
Maxim Solodovnik
-
2023/02/14
[ANN] Apache Tomcat Native 2.0.3 released
Mark Thomas
-
2023/02/14
[ANN] Apache Tomcat Native 1.2.36 released
Mark Thomas
-
2023/02/13
[ANNOUNCE] Apache Commons FIleUpload 1.5 Released
Mark Thomas
-
2023/02/13
[ANNOUNCE] Apache Airflow Providers prepared on February 08, 2023 released
Elad Kalif
-
2023/02/13
[ANNOUNCE] Apache Jackrabbit 2.21.15 released
Julian Reschke
-
2023/02/13
[ANNOUNCE] Apache SkyWalking BanyanDB Java Client 0.3.0 released
Jiajing LU
-
2023/02/10
CVE-2023-22832: Apache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes
David Handermann
-
2023/02/10
[ANNOUNCE] Apache NiFi 1.20.0 release.
Joe Witt
-
2023/02/09
[ANNOUNCE] Apache Groovy 4.0.9 Released
Paul King
-
2023/02/09
[ANNOUNCE] Apache Groovy 3.0.15 Released
Paul King
-
2023/02/08
[ANNOUNCE] Apache UIMA uimaFIT version 3.4.0 released
Richard Eckart de Castilho
-
2023/02/08
[ANNOUNCE] Apache APISIX 2.15.2 has been released
Zexuan Luo
-
2023/02/07
CVE-2023-25194: Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect
Manikumar
-
2023/02/07
[ANNOUNCE] Apache Kafka 3.4.0
David Arthur
-
2023/02/07
[ANNOUNCE] Apache bRPC 1.4.0 Released
Xiaofeng
-
2023/02/07
[ANNOUNCE] Apache Camel 3.20.2 (LTS) Released
Gregor Zurowski
-
2023/02/07
[ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.2.0
Christophe Bornet
-
2023/02/07
[ANNOUNCE] Apache YuniKorn v1.2.0 released
Wilfred Spiegelenburg
-
2023/02/06
[ANNOUNCE] Apache Airflow Helm Chart version 1.8.0 Released
Jedidiah Cunningham
-
2023/02/06
ANNOUNCE] Apache Tika 2.7.0 released
Tim Allison
-
2023/02/06
[ANNOUNCE] Release Apache Hop 2.3.0
Bart Maertens
-
2023/02/06
[ANNOUNCE] Apache HBase 2.5.3 is now available for download
Tak Lon (Stephen) Wu
-
2023/02/06
[ANNOUNCE] Apache HBase 2.4.16 is now available for download
Duo Zhang
-
2023/02/06
[ANNOUNCE] Apache Camel 4.0.0-M1 Released
Gregor Zurowski
-
2023/02/06
[ANNOUNCE] Apache ShenYu 2.5.1 available
Liu Liang
-
2023/02/06
CVE-2023-22849: Apache Sling App CMS: XSS in CMS Reference / UI Components
Dan Klco
-
2023/02/06
CVE-2022-45786: Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection
John Gemignani
-
2023/02/02
[ANNOUCEMENT] Apache Commons CSV 1.10.0
Gary Gregory
-
2023/02/02
[ANNOUNCE] Apache Arrow 11.0.0 released
Raúl Cumplido
-
2023/02/02
[ANNOUNCE] Apache UIMA Java SDK version 3.4.0 released
Richard Eckart de Castilho
-
2023/02/02
[ANNOUNCEMENT] Apache Portable Runtime Utility 1.6.3 Released
covener
-
2023/02/02
[ANNOUNCEMENT] Apache Portable Runtime 1.7.2 Released
covener
-
2023/02/01
[ANNOUNCE] Apache Flink 1.16.1 released
Martijn Visser
-
2023/02/01
CVE-2023-24997: Apache InLong: Jdbc Connection Security Bypass in InLong
Charles Zhang
-
2023/02/01
CVE-2023-24977: Apache InLong: Jdbc Connection causes arbitrary file reading in InLong
Charles Zhang
-
2023/01/31
CVE-2022-28331: Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function
Eric Covener
-
2023/01/31
CVE-2022-25147: Apache Portable Runtime (APR): out-of-bounds writes in the apr_base64 family of functions
Eric Covener
-
2023/01/31
CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions
Eric Covener
-
2023/01/31
[ANNOUNCEMENT] Apache Portable Runtime Utility 1.6.2 Released
covener
-
2023/01/31
[ANNOUNCEMENT] Apache Portable Runtime 1.7.1 Released
covener
-
2023/01/31
CVE-2022-44645: Apache Linkis (incubating): The DatasourceManager module has a serialization attack vulnerability
Heping Wang
-
2023/01/31
CVE-2022-44644: Apache Linkis (incubating): The DatasourceManager module has a Local File Read Vulnerability
Heping Wang
-
2023/01/31
[ANNOUNCE] Apache APISIX Ingress controller v1.6.0 released
Jintao Zhang
-
2023/01/30
[ANNOUNCE] Apache Lucene 9.5.0 released
Luca Cavanna
-
2023/01/30
CVE-2023-24830: Apache IoTDB: apache/iotdb-web-workbench: create a user without authorization
Jialin Qiao
-
2023/01/30
CVE-2023-24829: Apache IoTDB: apache/iotdb-web-workbench: forge the JWTToken to access workbench
Jialin Qiao
-
2023/01/30
[ANNOUNCE] MyFaces Core v4.0.0-RC4 Release
Volodymyr Siedlecki
-
2023/01/30
[ANNOUNCE] Apache ZooKeeper 3.8.1 released
Enrico Olivelli
-
2023/01/30
[ANNOUNCE] Apache EventMesh (incubating) 1.8.0 available
walterzywei
-
2023/01/30
[ANNOUNCE] Apache Jackrabbit Oak 1.48.0 released
Julian Reschke
-
2023/01/26
[ANNOUNCE] Airflow Providers prepared on January 23, 2023 are ready
Elad Kalif
-
2023/01/26
[ANNOUNCE] Apache DataFu-Spark 1.7.0 Released
Eyal Allweil
-
2023/01/25
[ANNOUNCE] Apache Pinot 0.12.0 released
Xiang Fu
-
2023/01/25
[ANNOUNCE] Apache Solr 9.1.1 released
Michael Gibney
-
2023/01/25
[ANNOUNCE] Apache Camel 3.18.5 (LTS) Released
Gregor Zurowski
-
2023/01/23
[ANNOUNCE] Apache Traffic Server v9.2.0 is Released!
Leif Hedstrom
-
2023/01/23
[ANN] Apache Tomcat 10.1.5 available
Mark Thomas
-
2023/01/23
Re: CVE-2023-22884: Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow
Jarek Potiuk
-
2023/01/23
[ANNOUCEMENT] Apache Commons Crypto 1.2.0
Gary Gregory
-
2023/01/22
[ANNOUNCE] Apache Groovy 4.0.8 Released
Paul King
-
2023/01/22
[ANNOUNCE] Apache Groovy 2.5.21 Released
Paul King
-
2023/01/22
[ANN] Apache Tomcat 8.5.85 available [CORRECTION]
Christopher Schultz
-
2023/01/22
CVE-2023-22884: Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow
Jarek Potiuk
-
2023/01/22
[ANNOUNCE] Apache SDAP (incubating) 1.0.0 Released
Riley Kuttruff
-
2023/01/20
[ANNOUNCE] Apache Fineract 1.8.3 Release
Aleksandar Vidakovic
-
2023/01/20
[ANNOUNCE] Apache Airflow 2.5.1 Released
Pierre Jeambrun
-
2023/01/20
[ANN] Apache TomEE 8.0.14
Richard Zowalla
-
2023/01/20
[ANNOUNCE] Apache Jackrabbit 2.21.14 released
Julian Reschke
-
2023/01/20
[ANNOUNCE] Apache Calcite Avatica 1.23.0 Released
Julian Hyde
-
2023/01/19
[ANN] Apache Tomcat 8.5.84 available
Christopher Schultz
-
2023/01/18
[ANNOUNCE] Apache StreamPipes 0.90.0
Dominik Riemer
-
2023/01/17
[ANNOUNCE] Airflow Providers released on January 14, 2023 are ready
Elad Kalif
-
2023/01/17
CVE-2022-37436: Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
Eric Covener
-
2023/01/17
CVE-2022-36760: Apache HTTP Server: mod_proxy_ajp Possible request smuggling
Eric Covener
-
2023/01/17
CVE-2006-20001: Apache HTTP Server: mod_dav out of bounds read, or write of zero byte
Eric Covener
-
2023/01/17
[ANNOUNCEMENT] Apache HTTP Server 2.4.55 Released
covener
-
2023/01/16
CVE-2022-41703: Apache Superset: SQL injection vulnerability in adhoc clauses
Daniel Gaspar
-
2023/01/16
CVE-2022-45438: Apache Superset: Dashboard metadata information leak
Daniel Gaspar
-
2023/01/16
CVE-2022-43721: Apache Superset: Open Redirect Vulnerability
Daniel Gaspar
-
2023/01/16
CVE-2022-43720: Apache Superset: Improper rendering of user input
Daniel Gaspar
-
2023/01/16
CVE-2022-43719: Apache Superset: Cross Site Request Forgery (CSRF) on accept, request access API
Daniel Gaspar
-
2023/01/16
CVE-2022-43718: Apache Superset: Cross-Site Scripting vulnerability on upload forms
Daniel Gaspar
-
2023/01/16
CVE-2022-43717: Apache Superset: Cross-Site Scripting on dashboards
Daniel Gaspar
-
2023/01/16
[ANN] Apache Syncope 3.0.1
Francesco Chicchiriccò
-
2023/01/15
[ANNOUNCE] Apache FreeMarker 2.3.32 is released
Daniel Dekany
-
2023/01/15
[ANN] Apache Karaf OSGi runtime 4.3.9 has been released!
Jean-Baptiste Onofré
-
2023/01/13
[ANNOUNCE] Apache Qpid ProtonJ2 1.0.0-M12 released
Timothy Bish
-
2023/01/13
[ANN] Apache Karaf OSGi Runtime 4.4.3 has been released!
Jean-Baptiste Onofré
-
2023/01/13
[ANNOUNCE] Apache Qpid JMS 2.2.0 released
Robbie Gemmell
-
2023/01/13
[ANNOUNCE] Apache Qpid JMS 1.8.0 released
Robbie Gemmell
-
2023/01/13
CVE-2023-22602: Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request
Brian Demers
-
2023/01/13
[ANNOUNCE] Apache Pulsar 2.11.0 released
guo jiwei
-
2023/01/13
[ANN] Apache Tomcat 9.0.71 available
Rémy Maucherat
-
2023/01/12
[ANNOUNCEMENT] HttpComponents Core 5.2.1 GA released
Oleg Kalnichevski
-
2023/01/11
[ANNOUNCE] Apache CouchDB 3.3.1 released
Jan Lehnardt
-
2023/01/11
[ANNOUNCE] Apache Jackrabbit FileVault 3.6.8 released
Julian Reschke
-
2023/01/11
[ANNOUNCE] Apache ShardingSphere on Cloud 0.1.2 available
Hongsheng Zhong
-
2023/01/10
[ANNOUNCE] Apache Arrow ADBC 0.1.0 Released
David Li
-
2023/01/10
[ANNOUNCE] Apache ShardingSphere 5.3.1 available
Hongsheng Zhong
-
2023/01/10
[ANNOUNCE] Apache Ant 1.10.13 released
Jaikiran Pai
-
2023/01/10
[ANNOUNCE] Apache ShardingSphere 5.3.1 available
Hongsheng Zhong
-
2023/01/10
[ANNOUNCE] Apache Jackrabbit 2.20.8 released
Julian Reschke
-
2023/01/08
CVE-2022-46769: Apache Sling App CMS: XSS in CMS Site Group Detail
Dan Klco
-
2023/01/08
[ANNOUNCE] Apache Jena 4.7.0 released
Andy Seaborne
-
2023/01/08
[ANNOUNCE] Apache Drill 1.20.3 Released
James Turton
-
2023/01/08
[ANNOUNCE] Log4cxx 1.0.0 Released
Robert Middleton
-
2023/01/08
[ANNOUNCE] Apache Camel 3.20.1 (LTS) Released
Gregor Zurowski
-
2023/01/06
[ANNOUNCE] Apache Pulsar Node.js client 1.8.0 released
Zike Yang
-
2023/01/06
CVE-2022-45935: Apache James server: Temporary File Information Disclosure
Benoit Tellier
-
2023/01/06
CVE-2022-45787: Apache James MIME4J: Temporary File Information Disclosure in MIME4J TempFileStorageProvider
Benoit Tellier
-
2023/01/06
[ANNOUNCE] Apache James 3.7.3 released
Benoit TELLIER
-
2023/01/06
[ANNOUNCE] Apache James MIME4J 0.8.8 released
Benoit TELLIER
-
2023/01/06
[ANNOUNCE] Apache James JSPF 1.0.3 released
Benoit TELLIER
-
2023/01/06
[ANNOUNCEMENT] Apache SkyWalking Satellite 1.1.0 Released
han liu
-
2023/01/05
[ANNOUNCE] Airflow Providers released on Janurary 02, 2023 released
Elad Kalif
-
2023/01/03
[ANNOUNCE] MyFaces Core v4.0.0-RC3 Release
Volodymyr Siedlecki
-
2023/01/03
[SECURITY] CVE-2022-45143 Apache Tomcat - JsonErrorReportValve injection
Mark Thomas
-
2023/01/03
[ANNOUNCE] Apache Pulsar 2.9.4 released
丛搏
-
2023/01/03
[ANNOUNCE] Release Apache DolphinScheduler 3.0.4
Jay Chung
-
2023/01/03
[RELEASE] Apache CouchDB 3.3.0 released
Jan Lehnardt
-
2022/12/30
[ANNOUNCE] Apache APISIX 3.1.0 has been released
Zexuan Luo
-
2022/12/30
CVE-2022-44621: Apache Kylin: Command injection by Diagnosis Controller
Xiaoxiang Yu
-
2022/12/30
CVE-2022-43396: Apache Kylin: Command injection by Useless configuration
Xiaoxiang Yu
-
2022/12/27
[ANNOUNCE] Apache Pulsar Client Python 3.0.0 released
Yunze Xu
-
2022/12/26
[ANNOUNCE] Apache SIS 1.3 Release
Martin Desruisseaux
-
2022/12/24
[ANNOUNCE] Apache Groovy 4.0.7 Released
Paul King
-
2022/12/24
[ANNOUNCE] Apache Groovy 2.5.20 Released
Paul King
-
2022/12/24
[ANNOUNCE] Apache Groovy 3.0.14 Released
Paul King
-
2022/12/22
[ANNOUNCE] Commons Math 4.0-beta1
Gilles Sadowski
-
2022/12/22
CVE-2022-45347: Apache ShardingSphere-Proxy: ShardingSphere-Proxy MySQL authentication bypass
Weijie Wu
-
2022/12/21
CVE-2022-40145: Apache Karaf: JDBC JAAS LDAP injection
Jean-Baptiste Onofré
-
2022/12/21
[ANNOUNCE] Apache Camel 3.20.0 (LTS) Released
Gregor Zurowski
-
2022/12/20
[ANNOUNCEMENT] Apache SkyWalking Rover 0.4.0 Released
han liu
-
2022/12/20
CVE-2022-46421: Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params
Jarek Potiuk
-
2022/12/19
[ANNOUNCE] Airflow Providers released on December 14, 2022 are ready
Elad Kalif
-
2022/12/19
[ANNOUNCE] Ignite Spark Extension 2.0.0 and 3.0.0 Released
Maxim Muzafarov
-
2022/12/17
[ANNOUNCE] Apache Camel 3.14.7 (LTS) Released
Gregor Zurowski
-
2022/12/17
[ANNOUNCE] Apache SpamAssassin 4.0.0 available
Sidney Markowitz
-
2022/12/17
CVE-2022-47500: Apache Helix: Open redirect
Junkai Xue
-
2022/12/16
CVE-2022-46870: Apache Zeppelin: Stored XSS in note permissions
Arnout Engelen
-
2022/12/16
CVE-2021-28655: Apache Zeppelin: Arbitrary file deletion vulnerability
Arnout Engelen
-
2022/12/15
[ANNOUNCE] Apache Traffic Server 9.1.4 and 8.1.6 are Released
Bryan Call
-
2022/12/15
[ANNOUNCE] Apache NetBeans 16 released
Geertjan Wielenga
-
2022/12/15
CVE-2022-32531: Apache BookKeeper: Java Client Uses Connection to Host that Failed Hostname Verification
Enrico Olivelli
-
2022/12/15
[ANNOUNCE] Apache Pulsar Client C++ 3.1.0 released
Zike Yang
-
2022/12/14
CVE-2022-34271: Apache Atlas: zip path traversal in import functionality
Madhan Neethiraj
-
2022/12/13
CVE-2022-46364: Apache CXF SSRF Vulnerability
Colm O hEigeartaigh
-
2022/12/13
[ANN] End of life for Apache Tomcat 8.5.x
Mark Thomas
-
2022/12/13
[ANN] End of life for Apache Tomcat 8.5.x
Mark Thomas
-
2022/12/13
CVE-2022-46363: Apache CXF directory listing / code exfiltration
Colm O hEigeartaigh
-
2022/12/13
[ANNOUNCE] Apache NiFi MiNiFi C++ 0.13.0 release
Ferenc Gerlits
-
2022/12/12
[ANNOUNCE] Apache Qpid proton-dotnet 1.0.0-M7 released
Timothy Bish
-
2022/12/12
[ANNOUNCE] Apache Impala 4.2.0 release
Daniel Becker
-
2022/12/12
[ANN] Apache Syncope 2.1.13
Francesco Chicchiriccò
-
2022/12/12
[ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.1.0
Lari Hotari
-
2022/12/11
[ANNOUNCE] Apache ShardingSphere on Cloud 0.1.1 available
吴伟杰
-
2022/12/09
[ANN] Apache Tomcat 10.1.4 available
Mark Thomas
-
2022/12/09
[ANNOUNCE] Apache ShardingSphere 5.3.0 available
吴伟杰
-
2022/12/09
[ANNOUNCE] Apache Hop 2.2.0
Bart Maertens
-
2022/12/09
[ANNOUNCE] Apache Jackrabbit 2.21.14 released
Julian Reschke
-
2022/12/09
[ANNOUNCE] Apache SkyWalking NodeJS 0.6.0 is available
kezhenxu94
-
2022/12/08
[ANNOUNCEMENT] HttpComponents Client 5.2.1 GA Released
Oleg Kalnichevski
-
2022/12/08
[ANNOUNCE] Release Apache DolphinScheduler 3.0.3
Jay Chung
-
2022/12/07
[ANNOUNCE] Apache NiFi 1.19.1 release.
Joe Witt
-
2022/12/07
[ANNOUNCE] Apache Doris 1.2.0 release
ChenMingyu
-
2022/12/07
[ANNOUNCE] Apache Commons Statistics Version 1.0 Released
Alex Herbert
-
2022/12/07
[ANNOUNCE] Apache Atlas 2.3.0 released
Madhan Neethiraj
-
2022/12/07
[ANNOUNCE] Apache ActiveMQ 5.17.3 has been released!
Jean-Baptiste Onofré
-
2022/12/07
[ANNOUNCE] Apache Commons BCEL 6.7.0
Gary Gregory
-
2022/12/06
CVE-2022-45910: Apache ManifoldCF: LDAP Injection Vulnerability - ActiveDirectory Authorities
Markus Schuch
-
2022/12/05
[ANN] Apache Tomcat 11.0.0-M1 (alpha) available
Mark Thomas
-
2022/12/05
[ANN] Apache Tomcat 9.0.70 available
Rémy Maucherat
-
2022/12/05
[ANN] Apache Tomcat Migration tool for Jakarta EE 1.0.6
Mark Thomas
-
2022/12/05
[ANNOUNCE] Apache IoTDB 1.0.0 released
Haonan Hou
-
2022/12/05
CVE-2022-45046: Apache Camel: LDAP Injection in Camel-LDAP
Andrea Cosentino
-
2022/12/05
[ANNOUNCEMENT] HttpComponents Client 4.5.14 GA Released
Oleg Kalnichevski
-
2022/12/04
[ANNOUNCE] Apache HBase 2.5.2 is now available for download
Duo Zhang
-
2022/12/03
CVE-2021-37533: Apache Commons Net's FTP client trusts the host from PASV response by default
Gary D. Gregory
-
2022/12/02
[ANNOUNCE] Airflow Providers released on December 02, 2022 released
Jarek Potiuk
-
2022/12/02
[ANNOUNCE] Apache Commons Net 3.9.0
Gary Gregory
-
2022/12/02
[ANNOUNCE] Apache Airflow 2.5.0 Released
Ephraim Anierobi
-
2022/12/02
CVE-2022-46366: Apache Tapestry prior to version 4 (EOL) allows RCE though deserialization of untrusted input
Arnout Engelen
-
2022/12/01
[ANNOUNCE] Apache Camel 3.18.4 (LTS) Released
Gregor Zurowski
-
2022/11/30
[ANNOUNCEMENT] HttpComponents Core 4.4.16 Released
Oleg Kalnichevski
-
2022/11/30
[ANNOUNCE] Apache Fineract 1.7.2 Release
Aleksandar Vidakovic
-
2022/11/29
[ANNOUNCE] Apache Tuweni (incubating) 2.3.1 released
Antoine Toulme
-
2022/11/29
Airflow Providers released on November 29, 2022 are ready
Jarek Potiuk
-
2022/11/29
CVE-2022-44635: Apache Fineract allowed an authenticated user to perform remote code execution due to path traversal
Arnout Engelen
-
2022/11/29
[ANNOUNCE] Apache Fineract 1.8.2 Release
Aleksandar Vidakovic
-
2022/11/28
[ANN] Apache Struts 6.1.1 (proper list of issues)
Lukasz Lenart
-
2022/11/28
Re: [ANN] Apache Struts 6.1.1
Lukasz Lenart
-
2022/11/28
[ANNOUNCE] Apache NiFi 1.19.0 release
Joe Witt