Welcome, 2022! We hope that you have had a festive holiday season and are excited to kick off the new year. Here's what happened over the past week:
Apache in 2021 - By The Digits – a look at the achievements from the Apache Community over the past 12 months. - Summary and stats at https://s.apache.org/Apache2021Digits - Video highlights https://youtu.be/GU0SV_2tWkU The Apache Month in Review – highlights of what we've accomplished over the past month. - December 2021 https://s.apache.org/December2021 ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws. - Next Board Meeting: 19 January 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock. - 7M+ weekly checks yield uptime at 99.98%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages. http://www.apache.org/uptime/ Apache Code Snapshot – Over the past week, 280 Apache Committers changed 2,780,891 lines of code over 2,868 commits. Top 5 contributors, in order, are: Jean-Baptiste Onofré, Gary Gregory, Mark Thomas, Harikrishna Patnala, and Claus Ibsen. Apache Project Announcements – the latest updates by category. Big Data -- - Apache Avro 1.11.0 released https://avro.apache.org/ -- CVE-2021-43045: Possible DOS vulnerabilities in C# Avro SDK https://s.apache.org/l8r9g Enterprise Processes Automation / ERP -- - Apache OFBiz 18.12.05 released https://ofbiz.apache.org/ Integration -- - Apache Camel 3.11.5 (LTS) released https://camel.apache.org/ Mail -- - Apache James 3.6.1 released https://james.apache.org/ -- CVE-2021-38542: STARTTLS command injection (IMAP and POP3) https://s.apache.org/4dnw1 -- CVE-2021-40110: IMAP vulnerable to a ReDoS https://s.apache.org/5nwbw -- CVE-2021-40111: IMAP parsing Denial Of Service https://s.apache.org/kt2t1 -- CVE-2021-40525: Sieve file storage vulnerable to path traversal attacks https://s.apache.org/keasu Network Client -- - Apache Guacamole 1.4.0 released https://guacamole.apache.org/ - Apache MINA FTPServer 1.1.2 released https://mina.apache.org Web Frameworks-- - Apache Struts 2.5.28.3 released https://struts.apache.org/ - Apache Portals 3.1.1 released https://portals.apache.org/ -- CVE-2021-36737: XSS in V3 Demo Portlet https://s.apache.org/79g3o -- CVE-2021-36738: XSS vulnerability in the JSP version of the Pluto Applicant MVCBean CDI portlet https://s.apache.org/meum0 -- CVE-2021-36739: XSS vulnerability in the MVCBean JSP portlet maven archetype https://s.apache.org/uga6s Did You Know? - Did you know that in 2021, 724 individuals new to the ASF contributed to Apache projects and initiatives? https://s.apache.org/Apache2021Digits - Did you know that Apache Druid is frequently used for AdTech data? https://druid.apache.org/ - Did you know that PulsarSummit Asia 2022 will be held online on January 15-16? https://pulsar-summit.org/ Apache Community Notices - Watch "Trillions and Trillions Served", the documentary on the ASF 1) full feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min] 2) "Apache Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6 min] 3) "Why Apache" https://www.youtube.com/watch?v=YM5dLvNatRs [2.5 min] 4) “Apache Innovation” https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min] - ASF Annual Report: FY2021 -- Press release https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78 and Report https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf (PDF) - The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI - Foundation Reports and Statements http://www.apache.org/foundation/reports.html - Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel. https://www.youtube.com/c/TheApacheFoundation/ - "Success at Apache" focuses on the people and processes behind why the ASF "just works." https://blogs.apache.org/foundation/category/SuccessAtApache - Inside Infra: the new interview series with members of the ASF infrastructure team --meet Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris Drew Foulks https://s.apache.org/InsideInfra-Drew Greg Stein Part I https://s.apache.org/InsideInfra-Greg ...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3 Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2 Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2 Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2 Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2 - Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn. - Follow the Apache Community on Facebook and Twitter. - Are your software solutions Powered by Apache? Download & use our "Powered By" logos. http://www.apache.org/foundation/press/kit/#poweredby Stay updated about The ASF For real-time updates, sign up for Apache-related news by sending mail to announce-subscr...@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers. = = = NOTE: you are receiving this message because you are subscribed to the announce@apache.org distribution list. To unsubscribe, send email from the recipient account to announce-unsubscr...@apache.org with the word "Unsubscribe" in the subject line. Best regards, Swapnil M Mane, www.apache.org