announce@apache.org, 2022-01

You are viewing a plain text version of this content. The canonical link for it is here.

- [ANN] Apache Struts 2.5.28.3 - posted by Lukasz Lenart <lu...@apache.org> on 2022/01/02 11:28:53 UTC, 0 replies.
- [ANNOUNCE] Apache Guacamole 1.4.0 - posted by Mike Jumper <mj...@apache.org> on 2022/01/03 05:28:34 UTC, 0 replies.
- Apache Month in Review: December 2021 - posted by Sally Khudairi <sk...@apache.org> on 2022/01/03 16:53:06 UTC, 0 replies.
- [ANNOUNCE] Apache FtpServer 1.1.2 released - posted by Emmanuel Lecharny <el...@apache.org> on 2022/01/03 17:20:16 UTC, 0 replies.
- Apache in 2021 - By The Digits - posted by Sally Khudairi <sk...@apache.org> on 2022/01/03 18:48:24 UTC, 0 replies.
- CVE-2021-38542: Apache James vulnerable to STARTTLS command injection (IMAP and POP3) - posted by Benoit Tellier <bt...@apache.org> on 2022/01/04 05:55:21 UTC, 0 replies.
- CVE-2021-40110: Apache James IMAP vulnerable to a ReDoS - posted by Benoit Tellier <bt...@apache.org> on 2022/01/04 05:55:27 UTC, 0 replies.
- CVE-2021-40111: Apache James IMAP parsing Denial Of Service - posted by Benoit Tellier <bt...@apache.org> on 2022/01/04 05:55:31 UTC, 0 replies.
- CVE-2021-40525: Apache James: Sieve file storage vulnerable to path traversal attacks - posted by Benoit Tellier <bt...@apache.org> on 2022/01/04 05:55:35 UTC, 0 replies.
- [ANNOUNCE] Apache OFBiz 18.12.05 released - posted by Jacopo Cappellato <ja...@apache.org> on 2022/01/04 09:12:36 UTC, 0 replies.
- [ANNOUNCE] Apache EventMesh (incubating) 1.3.0 available - posted by mikexue <mi...@apache.org> on 2022/01/04 15:54:44 UTC, 0 replies.
- CVE-2021-36737: Apache Portals: XSS in V3 Demo Portlet - posted by Neil Griffin <as...@apache.org> on 2022/01/05 23:23:52 UTC, 0 replies.
- CVE-2021-36738: XSS vulnerability in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet - posted by Neil Griffin <as...@apache.org> on 2022/01/05 23:24:20 UTC, 0 replies.
- CVE-2021-36739: Apache Portals: XSS vulnerability in the MVCBean JSP portlet maven archetype - posted by Neil Griffin <as...@apache.org> on 2022/01/05 23:24:36 UTC, 0 replies.
- [ANNOUNCE] Airflow Providers released on Thu 6 Jan are ready - posted by Jarek Potiuk <po...@apache.org> on 2022/01/06 12:23:24 UTC, 0 replies.
- CVE-2021-43045: Apache Avro: Possible DOS vulnerabilities in C# Avro SDK - posted by Ryan Skraba <rs...@apache.org> on 2022/01/06 17:48:38 UTC, 0 replies.
- The Apache News Round-up: week ending 7 January 2022 - posted by Swapnil M Mane <sw...@apache.org> on 2022/01/07 13:00:35 UTC, 0 replies.
- [ANNOUNCE] Apache Flink ML 2.0.0 released - posted by Yun Gao <ga...@apache.org> on 2022/01/07 15:06:43 UTC, 0 replies.
- [ANNOUNCE] Apache DolphinScheduler 2.0.2 available - posted by leon bao <le...@apache.org> on 2022/01/07 16:08:14 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit 2.16.9 released - posted by Julian Reschke <re...@apache.org> on 2022/01/08 09:35:28 UTC, 0 replies.
- [ANNOUNCE] Release Apache SkyWalking Kong version 0.2.0 - posted by Daming <da...@apache.org> on 2022/01/09 12:20:00 UTC, 0 replies.
- The Apache Software Foundation Security Report: 2021 - posted by Sally Khudairi <sk...@apache.org> on 2022/01/10 15:51:33 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Helm Chart version 1.4.0 Released - posted by Jedidiah Cunningham <je...@apache.org> on 2022/01/10 18:48:34 UTC, 0 replies.
- [Announcement] Apache TVM v0.8.0 Release - posted by Wuwei Lin <wu...@apache.org> on 2022/01/10 19:10:11 UTC, 0 replies.
- [SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections - posted by Mike Jumper <mj...@apache.org> on 2022/01/11 21:21:26 UTC, 0 replies.
- [SECURITY] CVE-2021-43999: Apache Guacamole: Improper validation of SAML responses - posted by Mike Jumper <mj...@apache.org> on 2022/01/11 21:21:35 UTC, 0 replies.
- Airflow Providers released on Wed Jan 12 2022 - posted by Jarek Potiuk <po...@apache.org> on 2022/01/12 19:12:38 UTC, 0 replies.
- Apache Software Foundation statement on White House Open Source Security Summit - posted by Joe Brockmeier <jz...@apache.org> on 2022/01/13 20:50:07 UTC, 0 replies.
- The Apache News Round-up: week ending 14 January 2022 - posted by Swapnil M Mane <sw...@apache.org> on 2022/01/14 17:11:21 UTC, 0 replies.
- [ANNOUNCE] Apache Geode 1.12.8 - posted by Dick Cavender <di...@apache.org> on 2022/01/14 17:49:59 UTC, 0 replies.
- [ANN] Apache Karaf runtime 4.3.6 has been released - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2022/01/15 05:27:19 UTC, 0 replies.
- [ANN] Apache Karaf runtime 4.2.15 has been released - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2022/01/15 05:35:40 UTC, 0 replies.
- [ANNOUNCE] Apache POI 5.2.0 released - posted by PJ Fanning <fa...@apache.org> on 2022/01/15 10:22:41 UTC, 0 replies.
- [ANNOUNCE] Apache Ignite 2.12.0 Released - posted by Nikita Amelchev <na...@apache.org> on 2022/01/17 13:50:01 UTC, 0 replies.
- CVE-2021-42357: DOM based XSS Vulnerability in Apache Knox - posted by Larry McCay <lm...@apache.org> on 2022/01/17 17:48:28 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX Java Plugin Runner 0.2.0 has been released - posted by tzssangglass <tz...@apache.org> on 2022/01/18 08:12:11 UTC, 0 replies.
- The Apache Software Foundation Announces Open Source data orchestration platform Apache® Hop™ as a Top-Level Project - posted by Sally Khudairi <sk...@apache.org> on 2022/01/18 14:00:23 UTC, 0 replies.
- CVE-2022-23302: Deserialization of untrusted data in JMSSink in Apache Log4j 1.x - posted by Ralph Goers <rg...@apache.org> on 2022/01/18 14:42:17 UTC, 0 replies.
- CVE-2022-23305: SQL injection in JDBC Appender in Apache Log4j V1 - posted by Ralph Goers <rg...@apache.org> on 2022/01/18 14:42:35 UTC, 0 replies.
- CVE-2022-23307: Apache Log4j 1.x: A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution. - posted by Ralph Goers <rg...@apache.org> on 2022/01/18 14:42:56 UTC, 0 replies.
- [ANNOUNCE] Apache NiFi 1.15.3 release - posted by Joe Witt <jo...@apache.org> on 2022/01/18 17:04:09 UTC, 0 replies.
- [ANNOUNCE] Apache Geode Kafka Connector 1.1.0 - posted by Dan Smith <up...@apache.org> on 2022/01/19 00:21:00 UTC, 0 replies.
- CVE-2021-45230: Apache Airflow: Creating DagRuns didn't respect Dag-level permissions in the Webserver - posted by Kaxil Naik <ka...@apache.org> on 2022/01/19 14:08:03 UTC, 0 replies.
- [ANNOUNCE] Apache Flink 1.14.3 released - posted by Thomas Weise <th...@apache.org> on 2022/01/20 04:40:39 UTC, 0 replies.
- [ANNOUNCE] Apache ShardingSphere ElasticJob UI 3.0.1 available - posted by 吴伟杰 <wu...@apache.org> on 2022/01/20 05:11:36 UTC, 0 replies.
- CVE-2022-22733: Apache ShardingSphere ElasticJob-UI: Access-Token in ElasticJob UI causes password disclosure - posted by Haoran Meng <me...@apache.org> on 2022/01/20 06:07:48 UTC, 0 replies.
- [ANN] Apache Tomcat 8.5.75 available - posted by Christopher Schultz <sc...@apache.org> on 2022/01/20 13:35:53 UTC, 0 replies.
- [ANN] Apache Tomcat 9.0.58 available - posted by Rémy Maucherat <re...@apache.org> on 2022/01/20 14:49:09 UTC, 0 replies.
- [ANN] Apache Tomcat 10.1.0-M10 (alpha) available - posted by Mark Thomas <ma...@apache.org> on 2022/01/20 16:34:59 UTC, 0 replies.
- [ANN] Apache Tomcat 10.0.16 available - posted by Mark Thomas <ma...@apache.org> on 2022/01/20 18:33:20 UTC, 0 replies.
- [ANNOUNCE] Apache Geode 1.13.7 - posted by Dick Cavender <di...@apache.org> on 2022/01/20 23:51:47 UTC, 0 replies.
- [ANNOUNCEMENT] Apache SkyWalking Could on Kubernetes 0.6.1 Released - posted by han liu <li...@apache.org> on 2022/01/21 01:55:38 UTC, 0 replies.
- [ANNOUNCE] Apache OFBiz 17.12 End-Of-Life (EOL) announcement - posted by "jleroux@apache.org" <jl...@apache.org> on 2022/01/21 09:48:35 UTC, 0 replies.
- The Apache News Round-up: week ending 21 January 2022 - posted by Swapnil M Mane <sw...@apache.org> on 2022/01/21 18:15:24 UTC, 0 replies.
- [ANNOUNCE] Apache Tuweni (incubating) 2.1.0 released - posted by Antoine Toulme <to...@apache.org> on 2022/01/22 07:36:27 UTC, 0 replies.
- [ANN] Apache Struts 2.5.29 - posted by Lukasz Lenart <lu...@apache.org> on 2022/01/22 11:32:17 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit Oak 1.22.10 released - posted by Nitin Gupta <ng...@apache.org> on 2022/01/24 12:29:11 UTC, 0 replies.
- [ANNOUNCE] Apache Kafka 3.1.0 - posted by David Jacot <da...@apache.org> on 2022/01/24 17:03:56 UTC, 0 replies.
- CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control - posted by Yonglun Zhang <zh...@apache.org> on 2022/01/25 11:32:15 UTC, 0 replies.
- CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration - posted by Yonglun Zhang <zh...@apache.org> on 2022/01/25 11:33:02 UTC, 0 replies.
- [SECURITY] New security advisory for CVE-2021-41766 released for Apache Karaf - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2022/01/25 14:47:17 UTC, 0 replies.
- [ANNOUNCE] Apache ShenYu (incubating) 2.4.2 available - posted by 张磊 <sa...@apache.org> on 2022/01/25 14:54:02 UTC, 0 replies.
- [SECURITY] New security advisory for CVE-2022-22932 - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2022/01/25 14:56:37 UTC, 0 replies.
- [ANNOUNCE] Apache Geode 1.14.3 - posted by Dick Cavender <di...@apache.org> on 2022/01/26 00:27:34 UTC, 0 replies.
- [SECURITY] CVE-2022-23181 Apache Tomcat Local Privilege Escalation - posted by Mark Thomas <ma...@apache.org> on 2022/01/26 11:11:38 UTC, 0 replies.
- [ANNOUNCE] Apache Hop 1.1.0 - posted by Bart Maertens <ba...@apache.org> on 2022/01/27 13:14:48 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 3.14.1 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2022/01/27 13:29:00 UTC, 0 replies.
- [ANNOUNCE] Apache Groovy 4.0.0 Released - posted by Paul King <pa...@apache.org> on 2022/01/28 14:05:12 UTC, 0 replies.
- The Apache News Round-up: week ending 28 January 2022 - posted by Swapnil M Mane <sw...@apache.org> on 2022/01/28 14:25:04 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX 2.12.0 has been released - posted by Bisakh Mondal <bi...@apache.org> on 2022/01/29 06:31:35 UTC, 0 replies.
- [ANNOUNCE] Apache Linkis (Incubating) Release 1.0.3 available - posted by Shuai Di <sh...@apache.org> on 2022/01/29 14:31:55 UTC, 0 replies.
- [ANNOUNCE] Apache SkyWalking Java Agent 8.9.0 released - posted by Sheng Wu <wu...@apache.org> on 2022/01/30 03:00:57 UTC, 0 replies.
- [ANNOUNCE] mod_perl-2.0.12 - posted by Steve Hay <st...@apache.org> on 2022/01/30 13:43:15 UTC, 0 replies.
- Apache Usergrid is now retired - posted by Hervé Boutemy <hb...@apache.org> on 2022/01/30 18:17:46 UTC, 0 replies.
- [ANNOUNCE] Apache Kyuubi (Incubating) released 1.4.1-incubating - posted by Vino Yang <vi...@apache.org> on 2022/01/31 06:49:09 UTC, 0 replies.
- CVE-2021-41571: Apache Pulsar: Pulsar Admin API allows access to data from other tenants using getMessageById API - posted by Enrico Olivelli <eo...@apache.org> on 2022/01/31 12:47:18 UTC, 0 replies.
- CVE-2022-23437: Infinite loop within Apache XercesJ xml parser - posted by Mukul Gandhi <mu...@apache.org> on 2022/01/31 13:48:22 UTC, 0 replies.