announce@apache.org, 2024-04

You are viewing a plain text version of this content. The canonical link for it is here.

- [ANNOUNCE] Apache Johnzon 2.0.1 - posted by Markus Jung <ju...@apache.org> on 2024/04/01 19:15:20 UTC, 0 replies.
- [ANNOUNCE] Apache Zeppelin 0.11.1 available - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/02 01:05:08 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar 3.0.4 released - posted by Lari Hotari <lh...@apache.org> on 2024/04/02 06:41:50 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Client C++ 3.5.1 released - posted by Yunze Xu <xy...@apache.org> on 2024/04/02 06:43:25 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar 3.2.2 released - posted by Lari Hotari <lh...@apache.org> on 2024/04/02 06:49:30 UTC, 0 replies.
- CVE-2024-29834: Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints - posted by Lari Hotari <lh...@apache.org> on 2024/04/02 07:31:07 UTC, 0 replies.
- [ANNOUNCE] Apache Hive 4.0.0 Released - posted by Ayush Saxena <ay...@apache.org> on 2024/04/02 10:58:23 UTC, 0 replies.
- [ANNOUNCE] Apache Tika 2.9.2 released - posted by Tim Allison <ta...@apache.org> on 2024/04/02 18:31:11 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Imaging 1.0.0-alpha4 - posted by Gary Gregory <gg...@apache.org> on 2024/04/02 19:41:24 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Collections 4.5.0-M1 - posted by Gary Gregory <gg...@apache.org> on 2024/04/02 20:41:25 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on March 25, 2024 are released - posted by Jarek Potiuk <po...@apache.org> on 2024/04/03 13:15:55 UTC, 0 replies.
- [ANNOUNCE] Apache Traffic Server 9.2.4 and 8.1.10 are released - posted by Bryan Call <bc...@apache.org> on 2024/04/03 19:07:07 UTC, 0 replies.
- [ANNOUNCE] Release Apache Traffic Control 8.0.1 - posted by R S <rs...@apache.org> on 2024/04/03 21:55:59 UTC, 0 replies.
- [ADVISORY] Apache CloudStack Security Releases 4.18.1.1 and 4.19.0.1 - posted by Rohit Yadav <ro...@apache.org> on 2024/04/04 05:09:50 UTC, 0 replies.
- [ANNOUNCEMENT] Apache HTTP Server 2.4.59 Released - posted by covener <co...@apache.org> on 2024/04/04 13:54:06 UTC, 0 replies.
- CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames - posted by Eric Covener <co...@apache.org> on 2024/04/04 13:56:54 UTC, 0 replies.
- CVE-2023-38709: Apache HTTP Server: HTTP response splitting - posted by Eric Covener <co...@apache.org> on 2024/04/04 13:57:10 UTC, 0 replies.
- CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules - posted by Eric Covener <co...@apache.org> on 2024/04/04 13:57:26 UTC, 0 replies.
- [ANNOUNCE] Apache Mynewt 1.12.0 and Apache Mynewt NimBLE 1.7.0 released - posted by Szymon Janc <ja...@apache.org> on 2024/04/04 14:30:09 UTC, 0 replies.
- [ANNOUNCE] Apache Calcite Avatica 1.25.0 Released - posted by Francis Chuang <fr...@apache.org> on 2024/04/05 05:45:39 UTC, 0 replies.
- [ANNOUNCE] Apache Kafka 3.6.2 - posted by Manikumar <ma...@apache.org> on 2024/04/05 06:06:29 UTC, 0 replies.
- CVE-2024-24746: Apache NimBLE: Denial of service in NimBLE Bluetooth stack - posted by Szymon Janc <ja...@apache.org> on 2024/04/05 07:20:07 UTC, 0 replies.
- [ANN] Apache ActiveMQ 6.1.1 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2024/04/05 16:56:33 UTC, 0 replies.
- [ANNOUNCE] Apache Storm 2.6.2 Released - posted by Richard Zowalla <rz...@apache.org> on 2024/04/05 18:13:10 UTC, 0 replies.
- [ANNOUNCE] Apache Guacamole 1.5.5 released - posted by Michael Jumper <mj...@apache.org> on 2024/04/06 19:16:29 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX 3.9.0 has been released - posted by Abhishek Choudhary <sh...@apache.org> on 2024/04/08 02:51:15 UTC, 0 replies.
- [ANN] Apache TomEE 10.0.0-M1 - posted by Richard Zowalla <rz...@apache.org> on 2024/04/08 08:14:49 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow 2.9.0 Released - posted by Ephraim Anierobi <ep...@apache.org> on 2024/04/08 12:03:32 UTC, 0 replies.
- CVE-2024-31860: Apache Zeppelin: Path traversal vulnerability - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 02:09:08 UTC, 0 replies.
- CVE-2021-28656: Apache Zeppelin: CSRF vulnerability in the Credentials page - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 02:10:27 UTC, 0 replies.
- CVE-2022-47894: Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 02:36:20 UTC, 0 replies.
- CVE-2024-31862: Apache Zeppelin: Denial of service with invalid notebook name - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 02:37:39 UTC, 0 replies.
- CVE-2024-31863: Apache Zeppelin: Replacing other users notebook, bypassing any permissions - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 02:39:31 UTC, 0 replies.
- [ANNOUNCE] Apache Groovy 5.0.0-alpha-8 released - posted by Paul King <pa...@apache.org> on 2024/04/09 05:06:01 UTC, 0 replies.
- [ANNOUNCE] Apache Groovy 4.0.21 released - posted by Paul King <pa...@apache.org> on 2024/04/09 06:13:19 UTC, 0 replies.
- [ANNOUNCE] Apache Jackrabbit Oak 1.62.0 released - posted by Julian Reschke <re...@apache.org> on 2024/04/09 09:06:36 UTC, 0 replies.
- [ANNOUNCE] Apache Kyuubi Shaded released 0.4.0 - posted by Cheng Pan <ch...@apache.org> on 2024/04/09 10:03:06 UTC, 0 replies.
- [ANNOUNCE] Apache Commons IO 2.16.1 - posted by Gary Gregory <gg...@apache.org> on 2024/04/09 11:15:57 UTC, 0 replies.
- CVE-2024-31864: Apache Zeppelin: Remote code execution by adding malicious JDBC connection string - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 14:43:06 UTC, 0 replies.
- CVE-2024-31865: Apache Zeppelin: Cron arbitrary user impersonation with improper privileges - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 14:43:43 UTC, 0 replies.
- CVE-2024-31866: Apache Zeppelin: Interpreter download command does not escape malicious code injection - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 14:45:01 UTC, 0 replies.
- CVE-2024-31868: Apache Zeppelin: XSS vulnerability in the helium module - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 14:46:58 UTC, 0 replies.
- CVE-2024-31867: Apache Zeppelin: LDAP search filter query Injection Vulnerability - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/09 15:06:59 UTC, 0 replies.
- DotPulsar version 3.2.0 - posted by David Jensen <dj...@apache.org> on 2024/04/09 15:15:21 UTC, 0 replies.
- [ANNOUNCE] Apache Daffodil 3.7.0 Released - posted by Steve Lawrence <sl...@apache.org> on 2024/04/10 12:17:43 UTC, 0 replies.
- CVE-2024-31309: Apache Traffic Server: HTTP/2 CONTINUATION frames can be utilized for DoS attack - posted by Bryan Call <bc...@apache.org> on 2024/04/10 15:16:21 UTC, 0 replies.
- CVE-2024-31861: Apache Zeppelin: Code injection by Shell interpreter - posted by Jongyoul Lee <jo...@apache.org> on 2024/04/10 16:18:45 UTC, 0 replies.
- [ANNOUNCE] Apache Superset version 4.0.0 released - posted by "Michael S. Molina" <mi...@apache.org> on 2024/04/11 12:03:42 UTC, 0 replies.
- [ANNOUNCE] Apache BookKeeper 4.16.5 released - posted by Nicolò Boschi <ni...@apache.org> on 2024/04/11 14:14:18 UTC, 0 replies.
- [ANN] Apache ActiveMQ "Classic" 5.18.4 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2024/04/11 15:19:12 UTC, 0 replies.
- [ANNOUNCE] Apache Geronimo Arthur 1.0.9 released - posted by fpapon <fp...@apache.org> on 2024/04/11 15:32:59 UTC, 0 replies.
- CVE-2024-27309: Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode - posted by Colin McCabe <cm...@apache.org> on 2024/04/11 22:45:54 UTC, 0 replies.
- CVE-2024-31391: Apache Solr Operator: Solr-Operator liveness and readiness probes may leak basic auth credentials - posted by Jason Gerlowski <ge...@apache.org> on 2024/04/12 14:32:28 UTC, 0 replies.
- [ANNOUNCE] Apache Solr Operator v0.8.1 released - posted by Jason Gerlowski <ge...@apache.org> on 2024/04/12 14:40:20 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on April 10, 2024 are released - posted by Elad Kalif <el...@apache.org> on 2024/04/13 18:18:27 UTC, 0 replies.
- [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.5.4 - posted by Chris Bono <on...@apache.org> on 2024/04/15 19:58:06 UTC, 0 replies.
- [ANN] Apache TomEE 9.1.3 - posted by Richard Zowalla <rz...@apache.org> on 2024/04/15 20:39:43 UTC, 0 replies.
- [ANNOUNCE] Apache Qpid proton-dotnet 1.0.0-M10 released - posted by Timothy Bish <ta...@apache.org> on 2024/04/15 23:09:10 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on April 13, 2024 are released - posted by Elad Kalif <el...@apache.org> on 2024/04/16 07:32:15 UTC, 0 replies.
- [ANN] Apache Tomcat 11.0.0-M19 (alpha) available - posted by Rémy Maucherat <re...@apache.org> on 2024/04/16 15:03:22 UTC, 0 replies.
- [ANN] Apache Tomcat 9.0.88 available - posted by Rémy Maucherat <re...@apache.org> on 2024/04/16 15:07:08 UTC, 0 replies.
- [ANNOUNCE] Apache Hive 1.x EOL - posted by Stamatis Zampetakis <za...@apache.org> on 2024/04/17 09:43:14 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Text Version 1.12.0 - posted by Gary Gregory <gg...@apache.org> on 2024/04/17 13:22:56 UTC, 0 replies.
- CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used - posted by Ephraim Anierobi <ep...@apache.org> on 2024/04/17 22:19:39 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Node.js client 1.11.0 released - posted by Baodi Shi <ba...@apache.org> on 2024/04/18 01:05:36 UTC, 0 replies.
- [ANNOUNCE] Apache Commons CLI Version 1.7.0 - posted by Gary Gregory <gg...@apache.org> on 2024/04/18 01:39:05 UTC, 0 replies.
- [ANNOUNCE] Apache Geronimo XBean 4.25 released - posted by fpapon <fp...@apache.org> on 2024/04/18 05:51:02 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Imaging 1.0.0-alpha5 - posted by Gary Gregory <gg...@apache.org> on 2024/04/18 15:06:36 UTC, 0 replies.
- [ANNOUNCE] Apache ServiceComb Java Chassis version 2.8.16 Released - posted by liubao <li...@apache.org> on 2024/04/19 01:35:44 UTC, 0 replies.
- [ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.0 Released - posted by liubao <li...@apache.org> on 2024/04/19 01:36:12 UTC, 0 replies.
- CVE-2024-29217: Apache Answer: XSS vulnerability when changing personal website - posted by Enxin Xie <li...@apache.org> on 2024/04/19 02:07:48 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Client Python 3.5.0 released - posted by Yunze Xu <xy...@apache.org> on 2024/04/19 04:53:11 UTC, 0 replies.
- CVE-2024-29733: Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context - posted by Elad Kalif <el...@apache.org> on 2024/04/19 10:08:59 UTC, 0 replies.
- [ANNOUNCEMENT] Apache CloudStack LTS Maintenance Release 4.18.2.0 - posted by João Jandre <jo...@apache.org> on 2024/04/19 12:51:38 UTC, 0 replies.
- [ANN] Apache Struts 6.4.0 - posted by Lukasz Lenart <lu...@apache.org> on 2024/04/20 08:43:52 UTC, 0 replies.
- [ANNOUNCE] Apache Pulsar Helm Chart version 3.4.0 Released - posted by Lari Hotari <lh...@apache.org> on 2024/04/20 14:01:23 UTC, 0 replies.
- [ANNOUNCE] Apache Airflow Providers prepared on April 16, 2024 are released - posted by Elad Kalif <el...@apache.org> on 2024/04/21 08:00:54 UTC, 0 replies.
- CVE-2024-27347: Apache HugeGraph-Hubble: SSRF in Hubble connection page - posted by Imba Jin <ji...@apache.org> on 2024/04/22 07:13:19 UTC, 0 replies.
- CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin - posted by Imba Jin <ji...@apache.org> on 2024/04/22 07:32:34 UTC, 0 replies.
- CVE-2024-27349: Apache HugeGraph-Server: Bypass whitelist in Auth mode - posted by Imba Jin <ji...@apache.org> on 2024/04/22 07:42:13 UTC, 0 replies.
- [ANNOUNCE] Apache IoTDB 1.3.1 released - posted by Haonan Hou <ha...@apache.org> on 2024/04/22 09:46:45 UTC, 0 replies.
- [ANN] Apache Tomcat 10.1.23 Available - posted by Christopher Schultz <sc...@apache.org> on 2024/04/23 20:35:37 UTC, 0 replies.
- [ANNOUNCE] OpenNLP 2.3.3 released - posted by Martin Wiesner <ma...@apache.org> on 2024/04/25 08:35:44 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 4.4.2 (LTS) Released - posted by Gregor Zurowski <gz...@apache.org> on 2024/04/25 14:40:54 UTC, 0 replies.
- [ANNOUNCE] Apache bRPC 1.9.0 released - posted by Shuai Liu <se...@apache.org> on 2024/04/26 04:31:50 UTC, 0 replies.
- [ANNOUNCE] Apache Camel 4.0.5 (LTS) Release - posted by Gregor Zurowski <gz...@apache.org> on 2024/04/26 11:27:05 UTC, 0 replies.
- [ANNOUNCE] Apache Kyuubi 1.7.4 is available - posted by Cheng Pan <ch...@apache.org> on 2024/04/26 14:51:17 UTC, 0 replies.
- [ANNOUNCE] Apache Kyuubi 1.8.2 is available - posted by Cheng Pan <ch...@apache.org> on 2024/04/26 14:52:14 UTC, 0 replies.
- [ANNOUNCE] Apache Commons BCEL Version 6.9.0 - posted by Gary Gregory <gg...@apache.org> on 2024/04/27 14:03:10 UTC, 0 replies.
- [ANNOUNCE] Apache Commons Codec 1.17.0 - posted by Gary Gregory <gg...@apache.org> on 2024/04/27 14:08:12 UTC, 0 replies.
- [ANNOUNCE] Apache Solr 9.6.0 released - posted by Gus Heck <gu...@apache.org> on 2024/04/28 17:57:36 UTC, 0 replies.
- [ANN] Apache ActiveMQ Classic 6.1.2 has been released! - posted by Jean-Baptiste Onofré <jb...@apache.org> on 2024/04/29 07:38:26 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX 3.8.1 has been released - posted by Xin Rong <al...@apache.org> on 2024/04/29 11:20:00 UTC, 0 replies.
- [ANNOUNCE] Apache APISIX 3.9.1 has been released - posted by Xin Rong <al...@apache.org> on 2024/04/29 12:21:00 UTC, 0 replies.
- [ANNOUNCE] Apache Arrow 16.0.0 released - posted by Raúl Cumplido <ra...@apache.org> on 2024/04/29 13:41:52 UTC, 0 replies.
- [ANNOUNCE] Apache Nutch 1.20 Release - posted by lewis john mcgibbney <le...@apache.org> on 2024/04/30 17:10:32 UTC, 0 replies.