You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Swapnil M Mane <sw...@apache.org> on 2021/11/19 17:52:58 UTC
The Apache News Round-up: week ending 19 November 2021
Happy Friday, everyone. The Apache community has had another great
week. Let's review what we've been up to:
ASF Board – management and oversight of the business affairs of the
corporation in accordance with the Foundation's bylaws.
- Next Board Meeting: 15 December 2021. Board calendar and minutes
https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps
the ASF's infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 99.57%. Performance checks across
50 different service components spread over more than 250 machines in
data centers around the world. View the ASF's Infrastructure Uptime
site to see the most recent averages. http://www.apache.org/uptime/
Apache Code Snapshot – Over the past week, 340 Apache Committers
changed 4,175,400 lines of code over 3,102 commits. Top 5
contributors, in order, are: Daniel Gruno, Christofer Dutz, Sebastian
Rühl, Sebastian Bazley, and Claus Ibsen.
Apache Project Announcements – the latest updates by category.
Big Data --
- Apache Arrow 6.0.1 released https://arrow.apache.org/
- Apache Ozone 1.2.0 released https://ozone.apache.org/
-- CVE-2021-36372: Original block tokens are persisted and can be
retrieved https://s.apache.org/nql6q
-- CVE-2021-39231: Missing authentication/authorization on internal
RPC endpoints https://s.apache.org/chtzo
-- CVE-2021-39232: Missing admin check for SCM related admin
commands https://s.apache.org/4nhi5
-- CVE-2021-39233: Container-related datanode operations can be
called without authorization https://s.apache.org/4dwge
-- CVE-2021-39234: Raw block data can be read bypassing
ACL/authorization https://s.apache.org/vc49o
-- CVE-2021-39235: Access mode of block tokens are not enforced
https://s.apache.org/uqtng
-- CVE-2021-39236: Owners of the S3 tokens are not validated
https://s.apache.org/zbryc
-- CVE-2021-41532: Unauthenticated access to Ozone Recon HTTP
endpoints https://s.apache.org/lts4j
Business Intelligence --
- Apache Superset CVE-2021-42250: Possible log injection
https://s.apache.org/rkqje
Content --
- Apache Jackrabbit Oak 1.6.22 released http://jackrabbit.apache.org/
Integration --
- Apache Camel 3.13.0 released https://camel.apache.org/
IoT --
- Apache IoTDB 0.12.3 released https://iotdb.apache.org/
Cloud Computing --
- Apache CloudStack 4.16.0.0 released https://cloudstack.apache.org/
Observability --
- Apache SkyWalking Infra E2E 1.1.0 released https://skywalking.apache.org/
Programming Languages --
- Apache Groovy 4.0.0-beta-2 released https://groovy.apache.org/
Search --
- Apache Lucene 8.11.0 released http://lucene.apache.org/
- Apache Solr 8.11.0 and Operator v0.5.0 released http://solr.apache.org/
Servers --
- Apache Tomcat 8.5.73, 9.0.55, 10.0.13, 10.1.0-M7 (alpha) released
https://tomcat.apache.org/
- Apache HttpComponents Client 5.1.2 GA released https://hc.apache.org/
- Apache Traffic Control: CVE-2021-43350: LDAP filter injection
vulnerability in Traffic Ops https://s.apache.org/cfmao
Web Frameworks --
- Apache Struts 2.5.27 released https://struts.apache.org/
Did You Know?
- Did you know that the ASF's Corporate Contribution options include
Employee Giving Programs, Volunteer Grants, and Corporate Matching
Gifts? End-of-year donations are welcome in any amount --thank you in
advance for considering supporting the ASF!
https://apache.org/foundation/contributing#support-the-asf-today
- Did you know that Apache Pinot was featured in the Disney comedy
film, "Home Sweet Home Alone"?
https://twitter.com/ApachePinot/status/1459378780586262528
- Did you know that Apache DolphinScheduler v2.0 is 20x more
performant than previous versions? http://dolphinscheduler.apache.org/
Apache Community Notices
- The Apache Month in Review: October 2021
https://s.apache.org/October2021 and video highlights
https://youtu.be/3rPR6tNt-dg
- Watch "Trillions and Trillions Served", the documentary on the ASF
1) full feature https://www.youtube.com/watch?v=JUt2nb0mgwg [49 min]
2) "Apache Everywhere" https://www.youtube.com/watch?v=nXtIti9jMFI [6
min] 3) "Why Apache" https://www.youtube.com/watch?v=YM5dLvNatRs [2.5
min] 4) “Apache Innovation”
https://www.youtube.com/watch?v=qkvqJaX4S50 [40 min]
- ASF Annual Report: FY2021 -- Press release
https://blogs.apache.org/foundation/entry/the-apache-software-foundation-announces78
and Report https://www.apache.org/foundation/docs/FY2021AnnualReport.pdf
(PDF)
- The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI
- Foundation Reports and Statements
http://www.apache.org/foundation/reports.html
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are
available on the ASF YouTube channel.
https://www.youtube.com/c/TheApacheFoundation/
- "Success at Apache" focuses on the people and processes behind why
the ASF "just works."
https://blogs.apache.org/foundation/category/SuccessAtApache
- Inside Infra: the new interview series with members of the ASF
infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInfra-Drew
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III
https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and
Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and
Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and
Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL
and Part II https://s.apache.org/InsideInfra-ChrisL2
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
- Are your software solutions Powered by Apache? Download & use our
"Powered By" logos.
http://www.apache.org/foundation/press/kit/#poweredby
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail
to announce-subscribe@apache.org and follow @TheASF on Twitter. For a
broader spectrum from the Apache community,
https://twitter.com/PlanetApache provides an aggregate of Project
activities as well as the personal blogs and tweets of select ASF
Committers.
= = =
NOTE: you are receiving this message because you are subscribed to the
announce@apache.org distribution list. To unsubscribe, send email from
the recipient account to announce-unsubscribe@apache.org with the word
"Unsubscribe" in the subject line.
Best regards,
Swapnil M Mane,
www.apache.org