announce  

Messages by Thread

• [ANNOUNCE] Apache Avro 1.11.3 released Ryan Skraba
• [ANNOUNCEMENT] Apache SkyWalking BanyanDB Helm 0.1.0 Released Hongtao Gao
• [ANNOUNCE] Apache Camel 4.0.1 Release Gregor Zurowski
• [ANNOUNCEMENT] HttpComponents Core 5.2.3 GA released Oleg Kalnichevski
• [ANNOUNCE] Apache Kyuubi released 1.7.3 Zhen Wang
• [ANNOUNCE] Apache Arrow ADBC 0.7.0 released David Li
• [ANNOUNCE] Release Apache Hop 2.6.0 Bart Maertens
• [ANN] Apache Karaf OSGi runtime 4.3.10 has been released! Jean-Baptiste Onofré
• [ANNOUNCE] Release Apache OpenDAL(incubating) v0.40.0 Xuanwo
• [ANNOUNCE] Apache Pinot 1.0.0 Released Xiang Fu
  • [ANNOUNCE] Apache Pinot 1.0.0 Released Xiang Fu
• [ANNOUNCE] Apache Pinot 1.0.0 release Saurabh Dubey
  • [ANNOUNCE] Apache Pinot 1.0.0 release Saurabh Dubey
  • [ANNOUNCE] Apache Pinot 1.0.0 release Saurabh Dubey
  • [ANNOUNCE] Apache Pinot 1.0.0 release Saurabh Dubey
• [ANNOUNCE] Apache Flink Stateful Functions Release 3.3.0 released Martijn Visser
• [ANNOUNCE] Apache IoTDB 1.2.1 released Haonan Hou
• [ANNOUNCE] Apache Wicket 9.15.0 released Andrea Del Bene
• [ANNOUNCE] Apache Allura 1.15.0 released Dave Brondsema
• [ANNOUNCEMENT] Apache Commons JCS 3.2 Released Thomas Vandahl
• [ANN] Apache Karaf OSGi runtime 4.4.4 has been released! Jean-Baptiste Onofré
• [ANNOUNCE] Apache Kyuubi released 1.7.2 Zhen Wang
• [ANNOUNCE] Apache APISIX Ingress controller v1.7.0 released Jintao Zhang
• [ANNOUNCE] Apache Airflow Providers prepared on September 14, 2023 are released Elad Kalif
• [ANNOUNCEMENT] Apache Commons DbUtils 1.8.1 Gary Gregory
• [ANNOUNCE] Apache Jackrabbit Oak 1.22.17 released Julian Reschke
• [ANNOUNCE] Apache Groovy 4.0.15 Released Paul King
• [ANNOUNCE] Apache Groovy 5.0.0-alpha-2 Released Paul King
• [ANNOUNCE] Apache Airflow Providers prepared on September 12, 2023 are released Elad Kalif
• CVE-2023-41267: Apache HDFS Provider error message suggested installation of incorrect pip package Elad Kalif
• [ANNOUNCE] Apache Arrow Flight SQL adapter for PostgreSQL 0.1.0 released Sutou Kouhei
• CVE-2023-42503: Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file Gary D. Gregory
• [ANN] Apache Struts 6.3.0.1, 6.1.2.2, 2.5.32 Lukasz Lenart
• [ANNOUNCE] Apache Kudu 1.17.0 Released Yingchun Lai
• [SECURITY] CVE-2023-41081 Apache Tomcat Connectors (mod_jk) Information Disclosure Mark Thomas
• [ANNOUNCE] - Establishing ALC Bangalore Chapter Aditya Sharma
• [ANN] Apache Tomcat Connectors 1.2.49 released Mark Thomas
• CVE-2023-40611: Apache Airflow Dag Runs Broken Access Control Vulnerability Ephraim Anierobi
• CVE-2023-40712: Apache Airflow: Secrets can be unmasked in the "Rendered Template" Ephraim Anierobi
• [ANNOUNCE] Apache MINA 2.2.3, 2.1.8 and 2.0.25 released Emmanuel Lecharny
• [ANNOUNCE] Apache Airflow Providers prepared on September 08, 2023 are released Elad Kalif
• [ANNOUNCEMENT] Apache Commons Compress 1.24.0 Gary Gregory
• [ANNOUNCE] Apache SkyWalking License Eyes 0.5.0 is out kezhenxu94
• [ANNOUNCE] Apache Jackrabbit 2.20.12 released Julian Reschke
• [ANNOUNCE] Apache Qpid Broker-J 9.1.0 released Tomas Vavricka
• [ANNOUNCE] Apache Mynewt 1.11.0 and Apache Mynewt NimBLE 1.6.0 released Szymon Janc
• [ANNOUNCE] Apache IoTDB 1.2.0 released Haonan Hou
• [ANNOUNCE] Apache Airflow 2.7.1 Released Ephraim Anierobi
• [ANNOUNCE] Apache Doris 2.0.1 & 1.2.7 release ChenMingyu
• [ANNOUNCE] Apache Fortress 3.0.0 Released Shawn McKinney
• CVE-2023-32672: Apache Superset: SQL parser edge case bypasses data access authorization Daniel Gaspar
• CVE-2023-37941: Apache Superset: Metadata db write access can lead to remote code execution Daniel Gaspar
• CVE-2023-39265: Apache Superset: Possible Unauthorized Registration of SQLite Database Connections Daniel Gaspar
• CVE-2023-39264: Apache Superset: Stack traces enabled by default Daniel Gaspar
• CVE-2023-27526: Apache Superset: Improper Authorization check on import charts Daniel Gaspar
• CVE-2023-27523: Apache Superset: Improper data permission validation on Jinja templated queries Daniel Gaspar
• CVE-2023-36388: Apache Superset: Improper API permission for low privilege users allows for SSRF Daniel Gaspar
• CVE-2023-36387: Apache Superset: Improper API permission for low privilege users Daniel Gaspar
• [ANNOUNCE] Apache Pekko (Incubating) CONNECTORS 1.0.0 available Matthew de Detrich
• [ANNOUNCE] Apache Pekko (Incubating) Persistence JDBC 1.0.0 available PJ Fanning
• CVE-2023-40743: Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService Arnout Engelen
• [ANN] Apache Struts 6.3.0 Lukasz Lenart
• [ANNOUNCEMENT] Apache Commons DBCP 2.10.0 Gary Gregory
• [ANNOUNCE] Apache SkyWalking 9.6.0 released Sheng Wu
• [ANNOUNCE] Apache NiFi MiNiFi C++ 0.15.0 release Martin Zink
• CVE-2023-41180: Apache NiFi MiNiFi C++: Incorrect Certificate Validation in InvokeHTTP for MiNiFi C++ Marton Szasz
• [ANNOUNCE] Apache Jackrabbit Oak 1.56.0 released Julian Reschke
• [ANNOUNCE] Apache Airflow Providers prepared on August 29, 2023 are released Elad Kalif
• [ANNOUNCE] Apache APISIX 3.5.0 has been released Xin Rong
• [ANNOUNCE] Apache SkyWalking Java Agent 9.0.0 released Sheng Wu
• [ANNOUNCE] Beam 2.50.0 Released Robert Burke
• [ANNOUNCE] Apache Pulsar Client Python 3.3.0 released Baodi Shi
• [ANNOUNCE] Apache Pekko (Incubating) Sbt Paradox 1.0.0 available PJ Fanning
• [ANNOUNCE] Apache Airflow Providers prepared on August 26, 2023 are released Elad Kalif
• [ANN] Apache Tomcat 8.5.93 available Mark Thomas
• [SECURITY] CVE-2023-41080 Apache Tomcat - open redirect Mark Thomas
• [ANN] Apache Tomcat 10.1.13 available Mark Thomas
• [ANN] Apache Tomcat 9.0.80 available Mark Thomas
• [ANN] Apache Tomcat 11.0.0-M11 (alpha) available Mark Thomas
• CVE-2023-40195: Apache Airflow Spark Provider Deserialization Vulnerability RCE Elad Kalif
• CVE-2023-27604: Apache Airflow Sqoop Provider: Airflow Sqoop Provider RCE Vulnerability Elad Kalif
• [ANNOUNCE] Apache Arrow 13.0.0 released Raúl Cumplido
• [ANNOUNCE] Apache Airflow Python Client 2.7.0 Released Ephraim Anierobi
• [ANNOUNCE] Apache Accumulo 2.1.2 and 3.0.0 Christopher
• CVE-2023-39441: Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation Ephraim Anierobi
• CVE-2023-37379: Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" feature Ephraim Anierobi
• CVE-2023-40273: Session fixation in Apache Airflow web interface Ephraim Anierobi
• [ANNOUNCE] Apache Groovy 5.0.0-alpha-1 Released Paul King
• [ANNOUNCE] Apache NiFi 1.23.2 Released David Handermann
• [ANNOUNCE] Call for Tracks - Community over Code EU 2024 Bratislava Ryan Skraba
• [ANNOUNCE] Apache Groovy 2.5.23 Released Paul King
• [ANNOUNCE] Apache Groovy 3.0.19 Released Paul King
• [ANNOUNCE] Apache Groovy 4.0.14 Released Paul King
• [ANNOUNCE] Apache Bigtop 3.2.1 released Masatake Iwasaki
• [ANNOUNCEMENT] HttpComponents Client 5.3-alpha1 Released (corrected) Oleg Kalnichevski
• [ANNOUNCE] Apache Pekko (Incubating) gRPC 1.0.0 available PJ Fanning
• CVE-2022-46751: Apache Ivy: XML External Entity vulnerability in Apache Ivy Stefan Bodewig
• [ANN] Apache Ivy 2.5.2 Released Stefan Bodewig
• [ANNOUNCE] Apache PDFBox 1.8.x End-Of-Life (EOL) Announcement Andreas Lehmkühler
• CVE-2023-40037: Apache NiFi: Incomplete Validation of JDBC and JNDI Connection URLs David Handermann
• [ANNOUNCE] Apache NiFi 1.23.1 Released David Handermann
• [ANNOUNCE] Release Apache OpenDAL(incubating) 0.39.0 Jun Ouyang
• [ANNOUNCE] Apache PDFBox 3.0.0 released Andreas Lehmkühler
• CVE-2023-40272: Apache Airflow Spark Provider Arbitrary File Read via JDBC Elad Kalif
• [ANNOUNCE] Apache Linkis 1.4.0 available Chen Xia
• [ANNOUNCE] Apache Hive 4.0.0-beta-1 Released Stamatis Zampetakis
• [ANN] Apache Tomcat 9.0.79 available Rémy Maucherat
• [ANN] Apache Tomcat 8.5.92 available Mark Thomas
• [ANN] Apache Tomcat 10.1.12 available Mark Thomas
• [ANN] Apache Tomcat 11.0.0-M10 (alpha) available Mark Thomas
• [ANNOUNCE] Apache Camel 4.0.0 Released Gregor Zurowski
• [ANNOUNCE] Apache Libcloud v3.8.0 Tomaz Muraus
• [ANNOUNCE] Apache Airflow Providers prepared on August 11, 2023 are released Elad Kalif
• [ANNOUNCE] Apache Pekko (Incubating) Management 1.0.0 available PJ Fanning
• [ANNOUNCE] Apache Jackrabbit 2.21.19 released Julian Reschke
• CVE-2023-39553: Apache Airflow Drill Provider Arbitrary File Read Vulnerability Elad Kalif
  • Re: CVE-2023-39553: Apache Airflow Drill Provider Arbitrary File Read Vulnerability Elad Kalif
• [ANNOUNCEMENT] Apache Storm 2.5.0 Bipin Prasad
  • [ANNOUNCEMENT] Apache Storm 2.5.0 Bipin Prasad
• [ANNOUNCE] Apache Airflow Providers prepared on August 09, 2023 are released Elad Kalif
• [ANNOUNCEMENT] Apache Commons DbUtils 1.8.0 Gary Gregory
• [ANNOUNCE] Apache Pulsar 3.0.1 released Zike Yang
• [ANNOUNCE] Apache Airflow Providers prepared on August 08, 2023 are released Elad Kalif
• [ANNOUNCE] Apache Pulsar Client C++ 3.3.0 released Yunze Xu
• [ANNOUNCE] Apache Airflow Providers prepared on are released Elad Kalif
• Fwd: [Announce] Breakout Schedule for Community Over Code NA Available Brian Proffitt
• [ANNOUNCE] Release Apache Kvrocks 2.5.1 hulk
• CVE-2023-39508: Apache Airflow: Airflow "Run task" feature allows execution with unnecessary priviledges Jarek Potiuk
• [ANN] Apache OpenNLP 2.3.0 released Richard Zowalla
• [ANNOUNCE] Apache Pekko (Incubating) HTTP 1.0.0 available PJ Fanning
• [ANNOUNCEMENT] Apache SkyWalking Cloud on Kubernetes 0.8.0 Released Ye Cao
• [ANNOUNCE] Apache bRPC 1.6.0 released Guangming Chen
  • [ANNOUNCE] Apache bRPC 1.6.0 released Guangming Chen
• [ANNOUNCE] Apache Guacamole 1.5.3 released Michael Jumper
• [ANNOUNCE] Apache Airflow Providers prepared on July 29, 2023 are released Elad Kalif
• [ANNOUNCE] Apache Pulsar 2.10.5 released Xiangying Meng
• [ANNOUNCE] Apache Qpid protonj2 1.0.0-M17 released Timothy Bish
• [ANNOUNCEMENT] Apache SkyWalking Go 0.2.0 Released han liu
• [ANNOUNCE] Apache Camel 4.0.0-RC2 Released Gregor Zurowski
• CVE-2023-36542: Apache NiFi: Potential Code Injection with Properties Referencing Remote Resources David Handermann
• [ANNOUNCEMENT] Apache Commons Lang 3.13.0 Gary Gregory
• [ANNOUNCE] Apache IoTDB 1.1.2 released Haonan Hou
• [ANNOUNCE] Apache Celeborn(incubating) 0.3.0 available zhongqiang chen
• [ANNOUNCE] Apache Calcite 1.35.0 released Xiong Duan
• [ANNOUNCE] Apache Pekko (Incubating) 1.0.1 available PJ Fanning
• CVE-2023-38647: Apache Helix: Deserialization vulnerability in Helix workflow and REST Junkai Xue
• CVE-2023-38435: Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin Carsten Ziegeler
• CVE-2023-37895: Apache Jackrabbit RMI access can lead to RCE Julian Reschke
• CVE-2023-35088: Apache InLong: SQL injection in audit endpoint Charles Zhang
• CVE-2023-34434: Apache InLong: JDBC URL bypassing by allowLoadLocalInfileInPath param Charles Zhang
• [ANNOUNCE] Release Apache InLong 1.8.0 Verne Deng
• CVE-2023-34189: Apache InLong: General user can delete and update process Charles Zhang
• [ANNOUNCE] Apache Jackrabbit Oak 1.54.0 released Julian Reschke
• CVE-2023-34478: Apache Shiro before 1.12.0, or 2.0.0-alpha-3, may be susceptible to a path traversal attack when used together with APIs or other web frameworks that route requests based on non-normalized requests. Brian Demers
• [ANNOUNCE] Apache Jackrabbit 2.20.11 released Julian Reschke
• [ANNOUNCE] Apache Kafka 3.5.1 Divij Vaidya
• [ANNOUNCE] Apache Jackrabbit 2.21.18 released Julian Reschke
• [ANNOUNCE] Apache APISIX 3.2.2 has been released Xin Rong
• [ANNOUNCE] Apache Solr 9.3.0 released Houston Putman
• [ANNOUNCE] Apache Solr Operator v0.7.1 released Houston Putman
• [ANNOUNCE] Apache APISIX 3.4.1 has been released Xin Rong
• [ANNOUNCE][CVE-2023-34478] Apache Shiro 1.12.0 released fpapon
• [ANNOUNCE] Apache Airflow Providers prepared on July 17, 2023 are released Elad Kalif
• [ANNOUNCE] Apache Shiro 1.12.0 released fpapon
• [ANNOUNCE] Release Apache OpenDAL(incubating) 0.38.1 cai lue
• [ANNOUNCE] Apache Commons FileUpload 2.0.0-M1 Gary Gregory
• [ANNOUNCE] Apache Jackrabbit FileVault 3.7.0 released Konrad Windszus
• [ANNOUNCE] Apache SkyWalking Kubernetes 4.5.0 is available kezhenxu94
• CVE-2023-28754: ShardingSphere-Agent: Deserialization vulnerability in ShardingSphere Agent Weijie Wu
• [ANNOUNCE] Apache ShardingSphere on Cloud 0.3.0 available Liyao Miao
• [ANNOUNCE] Apache Jackrabbit Oak 1.22.16 released Julian Reschke
• [ANNOUNCE] Airflow Providers prepared on July 12, 2023 are released Elad Kalif
• CVE-2023-26512: Apache EventMesh RabbitMQ-Connector plugin allows RCE through deserialization of untrusted data Xue Weiming
• [ANN] Apache Causeway 2.0.0-RC2 released. Dan Haywood
• [ANNOUNCE] Apache PDFBox 3.0.0-beta1 released Andreas Lehmkühler
• [ANNOUNCE] Apache Pekko (Incubating) 1.0.0 available PJ Fanning
• CVE-2023-37415: Apache Airflow Apache Hive Provider: Improper Input Validation in Hive Provider with proxy_user Elad Kalif
• CVE-2023-37582: Apache RocketMQ: Possible remote code execution when using the update configuration function Rongtong Jin
• CVE-2023-32200: Apache Jena: Exposure of execution in script engine expressions. Andy Seaborne
• [ANNOUNCE] Apache JMeter 5.6.2 released Milamber
• [ANNOUNCE] Apache Avro 1.11.2 released Ryan Skraba
• CVE-2023-37579: Apache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials Dave Fisher
• CVE-2023-31007: Apache Pulsar: Broker does not always disconnect client when authentication data expires Dave Fisher
• CVE-2023-30429: Apache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy Dave Fisher
• CVE-2023-22888: Apache Airflow: Scheduler remote DoS Ephraim Anierobi
• CVE-2023-30428: Apache Pulsar Broker: Incorrect Authorization Validation for Rest Producer Dave Fisher
• CVE-2023-36543: Apache Airflow: ReDoS via dags function Ephraim Anierobi
• CVE-2022-46651: Apache Airflow: Security vulnerability on AirFlow Connections Ephraim Anierobi
• CVE-2023-22887: Apache Airflow path traversal by authenticated user Ephraim Anierobi
• CVE-2023-35908: Apache Airflow: Access to DAGs without relevant permission Ephraim Anierobi
• [ANNOUNCE] Release Apache Kvrocks 2.5.0 Colin Chamber
• [ANN] Apache Tomcat 11.0.0-M9 (alpha) available Mark Thomas
• [ANNOUNCE] Apache Airflow 2.6.3 Released Ephraim Anierobi
• [ANN] Apache Tomcat 8.5.91 available Christopher Schultz
• [ANN] Apache Tomcat 10.1.11 available Christopher Schultz
• [ANNOUNCE] Airflow Providers prepared on July 09, 2023 are released Elad Kalif
• [ANN] Apache Tomcat 9.0.78 available Rémy Maucherat
• [ANNOUNCE] Apache JMeter 5.6.1 released Milamber
• CVE-2022-45855: Apache Ambari: Allows authenticated metrics consumers to perform RCE Brahma Reddy Battula
• CVE-2022-42009: Apache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application. Brahma Reddy Battula

• Earlier messages