CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
all versions through 2.2.33 and 2.4.26
Description:
The value placeholder in [Proxy-]Authorization headers
of type 'Digest' was not initialized or
CVE-2017-9789: Read after free in mod_http2.c
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.4.26
Description:
When under stress, closing many connections, the HTTP/2
handling code would sometimes access memory after it has
been freed, resulting in
The Apache Openmeetings project is pleased to announce
the release of Apache Openmeetings 3.3.0.
The release is available for download from
http://openmeetings.apache.org/downloads.html
Apache OpenMeetings provides video conferencing, instant messaging, white board,
collaborative document editing
The Apache Software Foundation and the Apache Yetus Project are pleased to
announce the release of version 0.5.0 of Apache Yetus.
Apache Yetus is a collection of libraries and tools that enable contribution
and release processes for software projects. It provides a robust system
for
The Apache Struts group is pleased to announce that Struts 2.5.12 is
available as a “General Availability” release. The GA designation is
our highest quality grade.
Apache Struts 2 is an elegant, extensible framework for creating
enterprise-ready Java web applications. The framework is designed
It’s a great pleasure to announce the release of Apache OpenWebBeans-1.7.4.
Apache OpenWebBeans is a CDI container (Contexts and Dependency Injection for
Java) and targets the CDI-1.2 specification (JavaEE 7). We pass the standalone
CDI TCK and the JavaEE7 WebProfile part of the CDI-TCK (in
The Apache Jackrabbit community is pleased to announce the release of
Apache Jackrabbit 2.14.2. The release is available for download at:
https://jackrabbit.apache.org/jcr/downloads.html#v2.14
See the full release notes below for details about this release:
Release Notes -- Apache