[ANNOUNCE] Apache Camel 3.14.9 (LTS) Released
The Camel PMC is pleased to announce the release of Apache Camel 3.14.9 (LTS). Apache Camel is an open source integration framework that empowers you to quickly and easily integrate various systems consuming or producing data. This patch release contains 2 bug fixes and improvements. The release is available for immediate download at: https://camel.apache.org/download/ For more details please take a look at the release notes at: https://camel.apache.org/releases/release-3.14.9/
[ANNOUNCE] Apache NiFi NAR Maven Plugin 1.5.1 release
Hello The Apache NiFi team would like to announce the release of Apache NiFi NAR Maven Plugin 1.5.1. Apache NiFi is an easy to use, powerful, and reliable system to process and distribute data. Apache NiFi was made for dataflow. It supports highly configurable directed graphs of data routing, transformation, and system mediation logic. Nar Maven Plugin is a release artifact used for supporting the NiFi classloader isolation model. More details on Apache NiFi can be found here: https://nifi.apache.org/ The release artifacts can be downloaded from here: https://repository.apache.org/content/groups/public/org/apache/nifi/nifi-nar-maven-plugin/1.5.1/ Maven artifacts have been made available and mirrored as per normal ASF artifact processes. Issues closed/resolved for this list can be found here: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316020=12353009 Release note highlights can be found here: https://cwiki.apache.org/confluence/display/NIFI/Release+Notes#ReleaseNotes-NiFiNARMavenPluginVersion1.5.1 Thank you The Apache NiFi team
[ANNOUNCE] Apache SkyWalking 9.5.0 released
Hi all, Apache SkyWalking Team is glad to announce the first release of Apache SkyWalking 9.5.0. SkyWalking: APM (application performance monitor) tool for distributed systems, especially designed for microservices, cloud native and container-based (Docker, Kubernetes, Mesos) architectures. This release contains a number of new features, bug fixes and improvements compared to version 9.4.0. The notable changes since 9.5.0 include: 1. New Topology Layout 2. Elasticsearch Server Monitoring 3. Remove OpenCensus support, the related codes and docs as it’s sunsetting. Please refer to the change log for the complete list of changes: https://skywalking.apache.org/events/release-apache-skywalking-apm-9.5.0/ Apache SkyWalking website: http://skywalking.apache.org/ Downloads: http://skywalking.apache.org/downloads/ Twitter: https://twitter.com/ASFSkyWalking SkyWalking Resources: - GitHub: https://github.com/apache/skywalking - Issue: https://github.com/apache/skywalking/issues - Mailing list: d...@skywalkiing.apache.org - Apache SkyWalking Team
CVE-2023-35005: Apache Airflow: Information disclosure on configuration view
Severity: low Affected versions: - Apache Airflow 2.5.0 before 2.6.2 Description: In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact configuration is not shown in the UI by default (only if `[webserver] expose_config` is set to `non-sensitive-only`), and not all uncensored values are actually sentitive. This issue affects Apache Airflow: from 2.5.0 before 2.6.2. Credit: Piotr Chomiak from Astro product security team (finder) References: https://github.com/apache/airflow/pull/31788 https://github.com/apache/airflow/pull/31820 https://airflow.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-35005
[ANNOUNCE] Apache Arrow 12.0.1 released
The Apache Arrow community is pleased to announce the 12.0.1 release. It includes 38 resolved issues ([1]) since the 12.0.0 release. The release is available now from our website and [2]: http://arrow.apache.org/install/ Read about what's new in the release https://arrow.apache.org/blog/2023/06/13/12.0.1-release/ Changelog https://arrow.apache.org/release/12.0.1.html What is Apache Arrow? - Apache Arrow is a columnar in-memory analytics layer designed to accelerate big data. It houses a set of canonical in-memory representations of flat and hierarchical data along with multiple language-bindings for structure manipulation. It also provides low-overhead streaming and batch messaging, zero-copy interprocess communication (IPC), and vectorized in-memory analytics libraries. Please report any feedback to the mailing lists ([3]) Regards, The Apache Arrow community [1]: https://github.com/apache/arrow/milestone/54?closed=1 [2]: https://www.apache.org/dyn/closer.cgi/arrow/arrow-12.0.1/ [3]: https://lists.apache.org/list.html?d...@arrow.apache.org
[ANNOUNCE] Apache Wicket 10.0.0-M1 released
The Apache Wicket PMC is proud to announce Apache Wicket 10.0.0-M1! Apache Wicket is an open source Java component oriented web application framework that powers thousands of web applications and web sites for governments, stores, universities, cities, banks, email providers, and more. You can find more about Apache Wicket at https://wicket.apache.org This release marks another minor release of Wicket 10. We use semantic versioning for the development of Wicket, and as such no API breaks are present in this release compared to 10.0.0. New and noteworthy -- **Java 17 support** The new milestone requires Java 17 as minimum version. **Automatic migration tool** Apache Wicket 10 provides automatic migration based on OpenRewrite. See migration guide for more details: https://cwiki.apache.org/confluence/display/WICKET/Migration+to+Wicket+10.0#MigrationtoWicket10.0-Automaticmigration Using this release -- With Apache Maven update your dependency to (and don't forget to update any other dependencies on Wicket projects to the same version): org.apache.wicket wicket-core 10.0.0-M1 Or download and build the distribution yourself, or use our convenience binary package you can find here: * Download: http://wicket.apache.org/start/wicket-10.x.html#manually Upgrading from earlier versions --- If you upgrade from 10.y.z this release is a drop in replacement. If you come from a version prior to 10.0.0, please read our Wicket 10 migration guide found at * http://s.apache.org/wicket10migrate Have fun! — The Wicket team CHANGELOG for 10.0.0-M1: ** Bug * [WICKET-6895] - Links to examples in documentation points to old version of 8x * [WICKET-6896] - AutoCompleteTextField re-opens dropdown item list after item has been selected * [WICKET-6897] - Javadoc build fails on fresh checkout of master or rel/wicket-9.3.0 * [WICKET-6902] - Change of PartialPageUpdate order of onAfterResponse and writePriorityEvaluations makes IListener.onAfterResponde ignore prepended javascripts * [WICKET-6908] - Possible bug / edge case where page is not detached * [WICKET-6913] - Java 17 compatibility with cglib * [WICKET-6914] - Visibility change of "File Upload" via ajax causes "missing" form-data * [WICKET-6921] - MultipartFormComponentListener breaks on hidden components * [WICKET-6936] - FilePageStore fails on windows * [WICKET-6944] - Memory leak in WicketEndpoint * [WICKET-6945] - MultipartFormComponentListener modifies enctype on invisible forms, leading to javascript errors * [WICKET-6947] - IndicatingAjaxButton does not work with Bootstrap 4 * [WICKET-6953] - JavaScriptDeferHeaderResponse not working correctly for AJAX requests * [WICKET-6955] - Wicket uses unstable slf4j version * [WICKET-6965] - Memory leak in WicketEndpoint * [WICKET-6966] - IndexOutOfBounds in InSessionPageStore * [WICKET-6970] - Unnecessary string building in AssociatedMarkupSourcingStrategy * [WICKET-6971] - NullPointerException in ModificationWatcher * [WICKET-6974] - JavaxUpgradeHttpRequest returns an empty contextPath * [WICKET-6975] - Behavior.renderHead may be called multiple times * [WICKET-6981] - InSessionPageStore does not trigger flushSession * [WICKET-6988] - String.format used in JS generation leads to errors * [WICKET-6990] - DiskPageStore loses pages when container re-binds attributes * [WICKET-6996] - NotSerializableException near KeyInSessionSunJceCryptFactory * [WICKET-6999] - Missing Export-Package of packages with "internal" in name * [WICKET-7005] - ByteBuddy IllegalStateException: Cannot inject already loaded type * [WICKET-7007] - Code snippets for CSRF documentation fixing * [WICKET-7013] - IndexOutOfBoundsException in InSessionPageStore * [WICKET-7022] - JavaScriptStripper fails to detect regular expression correctly * [WICKET-7028] - CSP header not rendered when using RedirectPolicy.NEVER_REDIRECT * [WICKET-7034] - WebSocket.Closed event not fired when error occurred * [WICKET-7037] - [Ajax Download] cookie used to track download complete misses the SameSite attribute * [WICKET-7040] - find a different way to add CSP headers * [WICKET-7044] - Images in the Wicket 9.x reference guide are not displayed. * [WICKET-7052] - Interrupting a task should not be logged as an error * [WICKET-7054] - Tag