announce@apache.org, 2023-04

You are viewing a plain text version of this content. The canonical link for it is here.

- [ANNOUNCE] Apache Ranger 2.4.0 released - posted by Selvamohan Neethiraj <sn...@apache.org> on 2023/04/01 02:34:00 UTC, 0 replies.
- [ANNOUNCEMENT] Apache XalanJ 2.7.3 - posted by Mukul Gandhi <mu...@apache.org> on 2023/04/01 06:50:53 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow 2.5.3 Released - posted by Pierre Jeambrun <pi...@apache.org> on 2023/04/01 09:01:10 UTC, 0 replies.
- [ANNOUNCE] Release Apache Hop 2.4.0 - posted by Bart Maertens <ba...@apache.org> on 2023/04/01 13:34:12 UTC, 0 replies.
- [ANNOUNCE] Release Apache DolphinScheduler 3.0.5 - posted by Jay Chung <zh...@apache.org> on 2023/04/03 07:23:52 UTC, 0 replies.
- [ANNOUNCE] Apache IoTDB 1.1.0 released - posted by Haonan Hou <ha...@apache.org> on 2023/04/03 09:09:06 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Go Client 0.10.0 released - posted by Zike Yang <zi...@apache.org> on 2023/04/03 10:19:38 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 3.18.6 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2023/04/03 11:09:25 UTC, 0 replies.
- [ANNCOUNCE] Apache Flume Spring Boot 2.0.0 released - posted by Ralph Goers <rg...@apache.org> on 2023/04/03 21:33:15 UTC, 0 replies.
- [ANNOUNCE] Apache Teaclave (incubating) 0.5.0 released - posted by He Sun <hs...@apache.org> on 2023/04/04 04:01:07 UTC, 1 replies.
- CVE-2022-45801: Apache StreamPark (incubating): LDAP Injection Vulnerability - posted by Huajie Wang <be...@apache.org> on 2023/04/04 10:20:31 UTC, 0 replies.
- CVE-2022-45802: Apache StreamPark (incubating): Upload any file to any directory - posted by Huajie Wang <be...@apache.org> on 2023/04/04 10:26:42 UTC, 0 replies.
- CVE-2022-46365: Apache StreamPark (incubating): Logic error causing any account reset - posted by Huajie Wang <be...@apache.org> on 2023/04/04 10:31:33 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit 2.21.16 released - posted by Julian Reschke <re...@apache.org> on 2023/04/05 06:51:49 UTC, 0 replies.
- [ANNOUNCE] Airflow Providers prepared on April 02, 2023 are ready - posted by Elad Kalif <el...@apache.org> on 2023/04/06 08:23:23 UTC, 0 replies.
- [ANNOUNCE] Apache Linkis 1.3.2 available - posted by Ling Xu <ja...@apache.org> on 2023/04/06 15:53:16 UTC, 0 replies.
- [ANNOUNCEMENT] Apache HTTP Server 2.4.57 Released - posted by covener <co...@apache.org> on 2023/04/06 17:40:23 UTC, 0 replies.
- CVE-2023-28707: Airflow Apache Drill Provider Arbitrary File Read Vulnerability - posted by Jarek Potiuk <po...@apache.org> on 2023/04/07 13:57:35 UTC, 0 replies.
- CVE-2023-28706: Apache Airflow Hive Provider Beeline Remote Command Execution - posted by Jarek Potiuk <po...@apache.org> on 2023/04/07 13:59:45 UTC, 0 replies.
- CVE-2023-28710: Apache Airflow Spark Provider Arbitrary File Read via JDBC - posted by Jarek Potiuk <po...@apache.org> on 2023/04/07 14:01:29 UTC, 0 replies.
- [ANNOUNCE] Apache NiFi 1.21.0 release. - posted by Joe Witt <jo...@apache.org> on 2023/04/07 15:48:44 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit Oak 1.22.15 released - posted by Julian Reschke <re...@apache.org> on 2023/04/08 04:19:15 UTC, 0 replies.
- CVE-2023-27602: Apache Linkis publicsercice module unrestricted upload of file - posted by Heping Wang <pe...@apache.org> on 2023/04/10 06:14:37 UTC, 0 replies.
- CVE-2023-27603: Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue - posted by Heping Wang <pe...@apache.org> on 2023/04/10 06:14:41 UTC, 0 replies.
- CVE-2023-27987: Apache Linkis gateway module token authentication bypass - posted by Heping Wang <pe...@apache.org> on 2023/04/10 06:14:48 UTC, 0 replies.
- CVE-2023-29215: Apache Linkis JDBC EngineCon has a deserialization command execution - posted by Heping Wang <pe...@apache.org> on 2023/04/10 06:14:53 UTC, 0 replies.
- CVE-2023-29216: Apache Linkis DatasourceManager module has a deserialization command execution - posted by Heping Wang <pe...@apache.org> on 2023/04/10 06:15:02 UTC, 0 replies.
- [ANNOUNCE] Apache OFBiz 18.12.07 released - posted by Jacopo Cappellato <ja...@apache.org> on 2023/04/10 08:49:45 UTC, 0 replies.
- CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability - posted by Jacques Le Roux <jl...@apache.org> on 2023/04/10 09:21:12 UTC, 0 replies.
- [ANNOUNCE] Apache Uniffle(Incubating) 0.7.0 available - posted by Junfan Zhang <zu...@apache.org> on 2023/04/10 09:43:30 UTC, 0 replies.
- [Announcement] : Apache LDAP API 2.1.2 - posted by Emmanuel Lecharny <el...@apache.org> on 2023/04/10 20:41:23 UTC, 0 replies.
- [ANNOUNCE] Apache Impala 4.1.2 release - posted by Quanlong Huang <st...@apache.org> on 2023/04/11 11:02:49 UTC, 0 replies.
- CVE-2023-30465: Apache InLong: SQL injection in apache inLong 1.5.0 - posted by Charles Zhang <do...@apache.org> on 2023/04/11 14:16:59 UTC, 1 replies.
- CVE-2022-45064: Apache Sling Engine: Include-based XSS - posted by Angela Schreiber <an...@apache.org> on 2023/04/12 15:39:15 UTC, 0 replies.
- [ANNOUNCE] Airflow Providers prepared on April 09, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/04/12 16:47:10 UTC, 0 replies.
- [ANNOUNCE] Apache SkyWalking Java Agent 8.15.0 released - posted by Sheng Wu <wu...@apache.org> on 2023/04/13 03:09:43 UTC, 0 replies.
- [ANNOUNCE] Apache PDFBox 2.0.28 released - posted by Andreas Lehmkuehler <le...@apache.org> on 2023/04/13 14:51:22 UTC, 0 replies.
- [ANNOUNCE] Airflow Providers prepared on April 12, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/04/13 18:58:52 UTC, 0 replies.
- [ANNOUNCE] Apache Qpid ProtonJ2 1.0.0-M14 released - posted by Timothy Bish <ta...@apache.org> on 2023/04/13 19:55:52 UTC, 0 replies.
- [ANNOUNCE] Apache DolphinScheduler Python SDK 4.0.3 Released - posted by Jay Chung <zh...@apache.org> on 2023/04/14 05:51:13 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Helm Chart version 1.9.0 Released - posted by Jedidiah Cunningham <je...@apache.org> on 2023/04/14 21:39:46 UTC, 0 replies.
- [ANNOUNCE] Apache Guacamole 1.5.1 - posted by Michael Jumper <mj...@apache.org> on 2023/04/14 22:09:04 UTC, 0 replies.
- [ANN] Apache ActiveMQ 5.18.1 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2023/04/15 04:51:49 UTC, 0 replies.
- The Apache Software Foundation (ASF) welcomes 46 new Members - posted by Brian Proffitt <bk...@apache.org> on 2023/04/15 12:35:09 UTC, 0 replies.
- CVE-2023-22946: Apache Spark proxy-user privilege escalation from malicious configuration class - posted by "Sean R. Owen" <sr...@apache.org> on 2023/04/15 13:24:05 UTC, 0 replies.
- CVE-2023-30771: Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench - posted by Jialin Qiao <qi...@apache.org> on 2023/04/16 02:48:14 UTC, 0 replies.
- CVE-2023-24831: Apache IoTDB grafana-connector Login Bypass Vulnerability - posted by Jialin Qiao <qi...@apache.org> on 2023/04/16 04:47:12 UTC, 0 replies.
- [ANNOUNCE] Apache StreamPipes 0.91.0 - posted by Tim Bossenmaier <bo...@apache.org> on 2023/04/16 08:16:15 UTC, 0 replies.
- CVE-2023-25504: Apache Superset: Possible SSRF on import datasets - posted by Daniel Gaspar <dp...@apache.org> on 2023/04/17 09:57:11 UTC, 0 replies.
- CVE-2023-27525: Apache Superset: Incorrect default permissions for Gamma role - posted by Daniel Gaspar <dp...@apache.org> on 2023/04/17 10:04:21 UTC, 0 replies.
- [ANN] Apache Tomcat 9.0.74 available - posted by Rémy Maucherat <re...@apache.org> on 2023/04/18 08:54:57 UTC, 0 replies.
- [ANNOUNCE] Apache Wicket 9.13.0 released - posted by Andrea Del Bene <ad...@apache.org> on 2023/04/18 13:09:54 UTC, 0 replies.
- [ANNOUNCE] Apache NiFi MiNiFi C++ 0.14.0 release - posted by Gábor Gyimesi <lo...@apache.org> on 2023/04/18 15:57:37 UTC, 0 replies.
- [ANNOUNCE] Release Apache SkyWalking Client JS version 0.10.0 - posted by xue fan <qi...@apache.org> on 2023/04/19 07:10:10 UTC, 0 replies.
- [ANN] Apache Tomcat 11.0.0-M5 (alpha) available - posted by Mark Thomas <ma...@apache.org> on 2023/04/19 08:31:50 UTC, 0 replies.
- [ANN] Apache Tomcat 8.5.88 available - posted by Christopher Schultz <sc...@apache.org> on 2023/04/19 20:28:23 UTC, 0 replies.
- [ANN] Apache Tomcat 10.1.8 available - posted by Christopher Schultz <sc...@apache.org> on 2023/04/19 20:37:10 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar 2.11.1 released - posted by guo jiwei <te...@apache.org> on 2023/04/20 02:30:23 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Node.js client 1.8.2 released - posted by Baodi Shi <ba...@apache.org> on 2023/04/20 08:45:55 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar 2.10.4 released - posted by Xiangying Meng <xi...@apache.org> on 2023/04/20 14:23:23 UTC, 0 replies.
- CVE-2023-25601: Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication - posted by Arnout Engelen <en...@apache.org> on 2023/04/20 14:50:32 UTC, 0 replies.
- [ANNOUNCE] Apache Geronimo Arthur 1.0.6 - posted by fpapon <fp...@apache.org> on 2023/04/22 07:12:03 UTC, 0 replies.
- CVE-2023-27524: Apache Superset: Session validation vulnerability when using provided default SECRET_KEY - posted by Daniel Gaspar <dp...@apache.org> on 2023/04/24 14:37:44 UTC, 0 replies.
- CVE-2023-30776: Apache Superset: Database connection password leak - posted by Daniel Gaspar <dp...@apache.org> on 2023/04/24 14:51:36 UTC, 0 replies.
- CVE-2023-22665: Apache Jena: Exposure of arbitrary execution in script engine expressions. - posted by Andy Seaborne <an...@apache.org> on 2023/04/24 19:03:51 UTC, 0 replies.
- [ANNOUNCE] Apache Solr Operator v0.7.0 released - posted by Houston Putman <ho...@apache.org> on 2023/04/24 20:23:22 UTC, 0 replies.
- [ANNOUNCE] Airflow Providers prepared on April 21, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/04/24 21:02:05 UTC, 0 replies.
- [ANNOUNCE] Apache Hudi 0.12.3 released - posted by Sivabalan <si...@apache.org> on 2023/04/25 04:22:51 UTC, 0 replies.
- [ANNOUNCE] Apache CouchDB 3.2.3 released - posted by Jan Lehnardt <ja...@apache.org> on 2023/04/25 10:17:59 UTC, 0 replies.
- [ANNOUNCE] Apache CouchDB 3.3.2 released - posted by Jan Lehnardt <ja...@apache.org> on 2023/04/25 10:18:05 UTC, 0 replies.
- [ANNOUNCE] Apache Empire-db 3.1.0 released - posted by do...@apache.org on 2023/04/26 07:10:00 UTC, 0 replies.
- [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.3.0 - posted by Christophe Bornet <cb...@apache.org> on 2023/04/26 14:19:17 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 3.20.4 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2023/04/27 12:14:19 UTC, 0 replies.
- [ANNOUNCE] Apache bRPC 1.5.0 released - posted by Xiguo Hu <hu...@apache.org> on 2023/04/27 13:22:47 UTC, 0 replies.
- [ANNOUNCE] Apache Curator 5.5.0 released - posted by Kezhu Wang <ke...@apache.org> on 2023/04/28 10:48:59 UTC, 1 replies.
- [ANNOUNCE] Apache Accumulo 1.10.3 - posted by Christopher <ct...@apache.org> on 2023/04/28 12:46:41 UTC, 0 replies.
- [ANNOUNCEMENT] Apache SkyWalking Python 1.0.1 Released - posted by Yihao Chen <yi...@apache.org> on 2023/04/30 00:55:05 UTC, 1 replies.
- [ANNOUNCE] Apache Drill 1.21.1 Released - posted by James Turton <dz...@apache.org> on 2023/04/30 10:37:58 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow 2.6.0 Released - posted by Ephraim Anierobi <ep...@apache.org> on 2023/04/30 12:50:57 UTC, 0 replies.