announce@apache.org, 2023-10

You are viewing a plain text version of this content. The canonical link for it is here.

- Apache Any23 is now retired - posted by Hervé Boutemy <hb...@apache.org> on 2023/10/01 16:33:05 UTC, 0 replies.
- [ANNOUNCEMENT] Apache Commons Pool 2.12.0 - posted by Phil Steitz <ps...@apache.org> on 2023/10/01 21:07:33 UTC, 0 replies.
- [ANN] Apache Tomcat Native 2.0.6 released - posted by Mark Thomas <ma...@apache.org> on 2023/10/02 09:07:21 UTC, 0 replies.
- [ANN] Apache Syncope 3.0.5 - posted by Francesco Chicchiriccò <il...@apache.org> on 2023/10/02 15:22:21 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 3.20.7 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2023/10/02 17:24:12 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Helm Chart version 1.11.0 Released - posted by Jedidiah Cunningham <je...@apache.org> on 2023/10/03 00:10:29 UTC, 0 replies.
- [ANN] Apache Tomcat Native 1.2.39 released - posted by Mark Thomas <ma...@apache.org> on 2023/10/03 09:08:46 UTC, 0 replies.
- [ANNOUNCE] Apache Impala 4.3.0 release - posted by Michael Smith <mi...@apache.org> on 2023/10/03 23:35:18 UTC, 0 replies.
- [ANNOUNCE] Apache HUDI 0.14.0 released - posted by Prashant Wason <pw...@apache.org> on 2023/10/05 06:08:53 UTC, 0 replies.
- [ANN] Apache Maven 3.9.5 released - posted by Slawomir Jaranowski <sj...@apache.org> on 2023/10/05 10:45:22 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX 3.6.0 has been released - posted by Xin Rong <al...@apache.org> on 2023/10/05 12:14:59 UTC, 0 replies.
- [ANNOUNCEMENT] Apache Commons Net 3.10.0 - posted by Gary Gregory <gg...@apache.org> on 2023/10/06 12:19:29 UTC, 0 replies.
- [ANNOUNCE] Release Apache Kvrocks 2.6.0 - posted by Twice <tw...@apache.org> on 2023/10/07 01:20:18 UTC, 0 replies.
- [ANNOUNCE] Apache Pekko (Incubating) Persistence Cassandra 1.0.0 available - posted by PJ Fanning <fa...@apache.org> on 2023/10/07 09:44:10 UTC, 0 replies.
- [ANNOUNCE] Apache Celix 2.4.0 released - posted by Pepijn Noltes <pn...@apache.org> on 2023/10/07 12:26:18 UTC, 0 replies.
- [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.4.0 - posted by Christophe Bornet <cb...@apache.org> on 2023/10/09 18:54:08 UTC, 0 replies.
- [ANN] Apache Tomcat 10.1.14 available - posted by Christopher Schultz <sc...@apache.org> on 2023/10/10 11:01:43 UTC, 0 replies.
- [ANN] Apache Tomcat 8.5.94 available - posted by Christopher Schultz <sc...@apache.org> on 2023/10/10 11:02:42 UTC, 0 replies.
- [ANN] Apache Tomcat 11.0.0-M12 (alpha) available - posted by Mark Thomas <ma...@apache.org> on 2023/10/10 11:07:42 UTC, 0 replies.
- [ANN] Apache Tomcat 9.0.81 available - posted by Rémy Maucherat <re...@apache.org> on 2023/10/10 11:50:00 UTC, 0 replies.
- [SECURITY] CVE-2023-42794 Apache Tomcat - denial of service - posted by Mark Thomas <ma...@apache.org> on 2023/10/10 12:14:52 UTC, 0 replies.
- [SECURITY] CVE-2023-42795 Apache Tomcat - information disclosure - posted by Mark Thomas <ma...@apache.org> on 2023/10/10 12:14:57 UTC, 0 replies.
- [SECURITY] CVE-2023-44487 Apache Tomcat - HTTP/2 DoS - posted by Mark Thomas <ma...@apache.org> on 2023/10/10 12:15:02 UTC, 0 replies.
- [SECURITY] CVE-2023-45648 Apache Tomcat - Request Smuggling - posted by Mark Thomas <ma...@apache.org> on 2023/10/10 12:15:06 UTC, 0 replies.
- Apache Traffic Server 9.2.3 and 8.1.9 are released - posted by Bryan Call <bc...@apache.org> on 2023/10/10 17:56:33 UTC, 0 replies.
- [ANNOUNCE] Apache Kafka 3.6.0 - posted by Satish Duggana <sa...@apache.org> on 2023/10/11 05:39:04 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit 2.21.20 released - posted by Julian Reschke <re...@apache.org> on 2023/10/11 08:26:32 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 4.1.0 Released - posted by Gregor Zurowski <gz...@apache.org> on 2023/10/11 11:10:07 UTC, 0 replies.
- CVE-2023-44981: Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication - posted by Andor Molnar <an...@apache.org> on 2023/10/11 11:49:52 UTC, 0 replies.
- [Announcement] : Apache LDAP API 2.1.5 - posted by Emmanuel Lecharny <el...@apache.org> on 2023/10/12 05:14:06 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow 2.7.2 Released - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/12 10:39:26 UTC, 0 replies.
- [ANNOUNCE] Apache Sedona 1.5.0 released - posted by Jia Yu <ji...@apache.org> on 2023/10/12 10:44:05 UTC, 0 replies.
- [ANNOUNCE] Apache SIS 1.4 Release - posted by Martin Desruisseaux <de...@apache.org> on 2023/10/12 22:55:33 UTC, 0 replies.
- [ANN] Apache Tomcat 9.0.82 available - posted by Rémy Maucherat <re...@apache.org> on 2023/10/13 07:43:06 UTC, 0 replies.
- [ANNOUNCE] Apache Celeborn(incubating) 0.3.1 available - posted by Cheng Pan <ch...@apache.org> on 2023/10/13 13:24:17 UTC, 0 replies.
- CVE-2023-42780: Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/13 15:13:49 UTC, 0 replies.
- CVE-2023-45348: Apache Airflow: Configuration information leakage vulnerability - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/13 15:14:02 UTC, 0 replies.
- CVE-2023-42792: Apache Airflow: Improper access control to DAG resources - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/13 15:14:13 UTC, 0 replies.
- CVE-2023-42663: Apache Airflow: Bypass permission verification to view task instances of other dags - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/13 15:14:32 UTC, 0 replies.
- Release Apache Wayang (incubating) 0.71 - posted by Alexander Alten <al...@apache.org> on 2023/10/13 16:14:58 UTC, 1 replies.
- [ANNOUNCE] Apache bRPC 1.6.1 released - posted by Lorin Lee <lo...@apache.org> on 2023/10/14 08:25:40 UTC, 0 replies.
- [ANN] Apache Tomcat 11.0.0-M13 (alpha) available - posted by Mark Thomas <ma...@apache.org> on 2023/10/14 13:29:51 UTC, 0 replies.
- [ANNOUNCE] Apache IoTDB 1.2.2 released - posted by Haonan Hou <ha...@apache.org> on 2023/10/15 15:55:42 UTC, 0 replies.
- [ANNOUNCE] Apache Solr 9.4.0 released - posted by Alex Deparvu <st...@apache.org> on 2023/10/15 20:29:37 UTC, 1 replies.
- CVE-2023-43666: Apache InLong: General user Unauthorized access User Management - posted by Charles Zhang <do...@apache.org> on 2023/10/16 01:51:32 UTC, 0 replies.
- CVE-2023-43667: Apache InLong: Log Injection in Global functions - posted by Charles Zhang <do...@apache.org> on 2023/10/16 01:51:40 UTC, 0 replies.
- CVE-2023-43668: Apache InLong: Jdbc Connection Security Bypass in InLong - posted by Charles Zhang <do...@apache.org> on 2023/10/16 01:51:45 UTC, 0 replies.
- CVE-2023-45757: Apache bRPC: The builtin service rpcz page has an XSS attack vulnerability - posted by Wang Weibing <ww...@apache.org> on 2023/10/16 02:00:08 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit Oak 1.58.0 released - posted by Julian Reschke <re...@apache.org> on 2023/10/16 08:18:14 UTC, 0 replies.
- [ANNOUNCE] Release Apache OpenDAL(incubating) 0.41.0 - posted by Suyan <su...@apache.org> on 2023/10/16 09:03:13 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Python Client 2.7.2 Released - posted by Ephraim Anierobi <ep...@apache.org> on 2023/10/16 09:39:13 UTC, 0 replies.
- [ANN] Apache Tomcat 10.1.15 available - posted by Christopher Schultz <sc...@apache.org> on 2023/10/16 11:45:30 UTC, 0 replies.
- [ANN] Apache Tomcat 8.5.95 available - posted by Christopher Schultz <sc...@apache.org> on 2023/10/16 11:57:11 UTC, 0 replies.
- [ANN] Apache TomEE 9.1.1 - posted by Richard Zowalla <rz...@apache.org> on 2023/10/16 18:42:35 UTC, 0 replies.
- [ANNOUNCE] Apache Wicket 10.0.0-M2 released - posted by Andrea Del Bene <ad...@apache.org> on 2023/10/16 19:42:53 UTC, 0 replies.
- [ANNOUNCE] Release Apache DolphinScheduler 3.2.0 - posted by Jay Chung <zh...@apache.org> on 2023/10/17 03:22:07 UTC, 0 replies.
- [ANNOUNCE] Apache DolphinScheduler Python SDK 4.0.4 Released - posted by Jay Chung <zh...@apache.org> on 2023/10/17 04:00:00 UTC, 0 replies.
- [ANNOUNCE] Apache XBean 4.24 release - posted by fpapon <fp...@apache.org> on 2023/10/17 07:35:55 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on October 13, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/10/17 07:53:22 UTC, 0 replies.
- [ANNOUNCE] Apache Beam 2.51.0 Released - posted by Kenneth Knowles <ke...@apache.org> on 2023/10/18 15:35:09 UTC, 0 replies.
- CVE-2023-46227: Apache inlong has an Arbitrary File Read Vulnerability - posted by Charles Zhang <do...@apache.org> on 2023/10/19 02:34:06 UTC, 0 replies.
- CVE-2023-25753: Server-Side Request Forgery in Apache ShenYu - posted by Zhang Yonglun <zh...@apache.org> on 2023/10/19 04:34:43 UTC, 0 replies.
- [ANNOUNCEMENT] Apache HTTP Server 2.4.58 Released - posted by icing <ic...@apache.org> on 2023/10/19 09:27:44 UTC, 0 replies.
- CVE-2023-31122: Apache HTTP Server: mod_macro buffer over-read - posted by Stefan Eissing <ic...@apache.org> on 2023/10/19 09:40:10 UTC, 0 replies.
- CVE-2023-43622: Apache HTTP Server: DoS in HTTP/2 with initial windows size 0 - posted by Stefan Eissing <ic...@apache.org> on 2023/10/19 09:40:49 UTC, 0 replies.
- CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST - posted by Stefan Eissing <ic...@apache.org> on 2023/10/19 09:41:13 UTC, 0 replies.
- CVE-2023-44483: Apache Santuario: Private Key disclosure in debug-log output - posted by Colm O hEigeartaigh <co...@apache.org> on 2023/10/20 09:08:43 UTC, 0 replies.
- [ANNOUNCE] Apache MINA SSHD 2.9.3 released - posted by Guillaume Nodet <gn...@apache.org> on 2023/10/20 11:21:47 UTC, 0 replies.
- [ANNOUNCE] Apache MINA SSHD 2.11.0 released - posted by Guillaume Nodet <gn...@apache.org> on 2023/10/20 11:22:34 UTC, 0 replies.
- [ANNOUNCE] Apache Tika 2.9.1 released - posted by Tim Allison <ta...@apache.org> on 2023/10/20 18:38:30 UTC, 0 replies.
- [ANNOUNCE] Apache Solr Operator v0.8.0 released - posted by Jason Gerlowski <ge...@apache.org> on 2023/10/20 21:13:30 UTC, 0 replies.
- [ANNOUNCE] mod_perl-2.0.13 - posted by Steve Hay <st...@apache.org> on 2023/10/21 10:43:53 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on October 18, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/10/21 20:04:24 UTC, 0 replies.
- [ANNOUNCE] Apache DS 2.0.0.AM27 released - posted by Emmanuel Lecharny <el...@apache.org> on 2023/10/21 22:35:54 UTC, 0 replies.
- [ANNOUNCEMENT] Apache SkyWalking BanyanDB 0.5.0 Released - posted by Hongtao Gao <ha...@apache.org> on 2023/10/23 01:22:10 UTC, 0 replies.
- [ANNOUNCEMENT] Apache SkyWalking Go 0.3.0 Released - posted by han liu <li...@apache.org> on 2023/10/23 03:46:01 UTC, 0 replies.
- [ANNOUNCE] Apache Geronimo TXManager 4.0.0 release - posted by fpapon <fp...@apache.org> on 2023/10/23 13:11:55 UTC, 0 replies.
- CVE-2023-46288: Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is set - posted by Jarek Potiuk <po...@apache.org> on 2023/10/23 15:38:43 UTC, 0 replies.
- [ANNOUNCE] Apache Pekko (Incubating) gRPC 1.0.1 available - posted by PJ Fanning <fa...@apache.org> on 2023/10/24 17:22:46 UTC, 0 replies.
- [ANN] Apache Maven 4.0.0-alpha-8 released - posted by Guillaume Nodet <gn...@apache.org> on 2023/10/25 13:39:18 UTC, 0 replies.
- [ANN] Apache ActiveMQ 5.18.3 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2023/10/26 05:57:05 UTC, 0 replies.
- [ANN] Apache ActiveMQ 5.17.6 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2023/10/26 06:17:39 UTC, 0 replies.
- [ANN] Apache ActiveMQ 5.16.7 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2023/10/26 07:38:39 UTC, 0 replies.
- [ANNOUNCE] Apache Commons IO 2.15.0 - posted by Gary Gregory <gg...@apache.org> on 2023/10/26 11:48:35 UTC, 0 replies.
- [ANNOUNCE] Apache Commons CLI 1.6.0 - posted by Gary Gregory <gg...@apache.org> on 2023/10/27 10:48:58 UTC, 0 replies.
- CVE-2023-46604: Apache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack - posted by "Christopher L. Shannon" <cs...@apache.org> on 2023/10/27 14:44:26 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 4.0.2 (LTS) Release - posted by Gregor Zurowski <gz...@apache.org> on 2023/10/27 15:27:25 UTC, 0 replies.
- CVE-2023-46215: Apache Airflow Celery provider, Apache Airflow: Sensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend - posted by Elad Kalif <el...@apache.org> on 2023/10/28 06:30:29 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Text 1.11.0 - posted by Gary Gregory <gg...@apache.org> on 2023/10/30 12:08:02 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 3.21.2 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2023/10/30 12:08:20 UTC, 0 replies.
- [ANNOUNCE] Apache Qpid JMS 2.5.0 released - posted by Robbie Gemmell <ro...@apache.org> on 2023/10/30 14:28:01 UTC, 0 replies.
- [ANNOUNCE] Apache Qpid JMS 1.11.0 released - posted by Robbie Gemmell <ro...@apache.org> on 2023/10/30 14:28:41 UTC, 0 replies.
- [ANNOUNCE] Call for Presentations now open: Community over Code EU 2024 - posted by Ryan Skraba <rs...@apache.org> on 2023/10/30 17:06:18 UTC, 0 replies.
- [ANN] Apache Struts 2.5.x EOL - posted by Lukasz Lenart <lu...@apache.org> on 2023/10/31 05:37:08 UTC, 0 replies.
- [ANNOUNCE] Apache Pekko (Incubating) Projection 1.0.0 available - posted by PJ Fanning <fa...@apache.org> on 2023/10/31 18:17:39 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on October 28, 2023 are released - posted by Elad Kalif <el...@apache.org> on 2023/10/31 20:32:23 UTC, 0 replies.