announce

Messages by Date

2023/06/07 [ANNOUNCE] Apache Kafka 3.4.1 Luke Chen
2023/06/06 [SECURITY] CVE-2023-30576: Apache Guacamole: Use-after-free in handling of RDP audio input buffer Michael Jumper
2023/06/06 [SECURITY] CVE-2023-30575: Apache Guacamole: Incorrect calculation of Guacamole protocol element lengths Michael Jumper
2023/06/06 [ANNOUNCE] Apache Qpid Proton 0.39.0 released Robbie Gemmell
2023/06/06 [ANNOUNCE] Apache Pulsar Client Python 3.2.0 released Yunze Xu
2023/06/06 [ANNOUNCE] Apache MINA 2.2.2, 2.1.7 and 2.0.24 released Emmanuel Lecharny
2023/06/04 [ANNOUNCEMENT] Apache SkyWalking Go 0.1.0 Released han liu
2023/06/02 [ANN] Apache Tomcat Native 1.2.37 released Mark Thomas
2023/06/02 [ANN] Apache Tomcat Native 2.0.4 released Mark Thomas
2023/06/01 [ANNOUNCE] Apache OFBiz 18.12.08 released Jacopo Cappellato
2023/06/01 [ANNOUNCE] Apache Serf 1.3.10 released Evgeny Kotkov
2023/05/31 [ANNOUNCE] ATS 10 Hackathon 6/8/23 Bryan Call
2023/05/30 [ANNOUNCE] Release Apache DolphinScheduler 3.0.6 Jay Chung
2023/05/30 [ANNOUNCE] Apache Camel 3.14.8 (LTS) Released Gregor Zurowski
2023/05/30 CVE-2023-30601: Apache Cassandra: Privilege escalation when enabling FQL/Audit logs Marcus Eriksson
2023/05/29 [ANNOUNCE] Apache Wicket 9.14.0 released Andrea Del Bene
2023/05/29 [ANNOUNCE] Airflow Providers prepared on May 24, 2023 are released Elad Kalif
2023/05/29 [ANNOUNCE] Apache Guacamole 1.5.2 released Michael Jumper
2023/05/29 CVE-2023-33234: Apache Airflow CNCF Kubernetes Provider: KubernetesPodOperator RCE via connection configuration Elad Kalif
2023/05/29 [ANNOUNCE] Apache Qpid proton-dotnet 1.0.0-M9 released Timothy Bish
2023/05/29 [ANNOUNCE] Apache Camel 3.20.5 (LTS) Released Gregor Zurowski
2023/05/29 [ANNOUNCE] Apache Camel 3.18.7 (LTS) Released Gregor Zurowski
2023/05/24 CVE-2022-46907: Apache JSPWiki Cross-site scripting on several plugins Juan Pablo Santos Rodríguez
2023/05/24 [ANNOUNCE] Apache JSPWiki 2.12.0 released Juan Pablo Santos Rodríguez
2023/05/23 CVE-2023-33246: Apache RocketMQ: RocketMQ may have a remote code execution vulnerability when using the update configuration function Rongtong Jin
2023/05/22 [ANNOUNCE] Airflow Providers prepared on May 19, 2023 are released Elad Kalif
2023/05/22 [ANNOUNCE] Apache Qpid JMS 2.3.0 released Robbie Gemmell
2023/05/22 [ANNOUNCE] Apache Qpid JMS 1.9.0 released Robbie Gemmell
2023/05/22 [SECURITY] CVE-2023-28709 Apache Tomcat - Fix for CVE-2023-24998 was incomplete Mark Thomas
2023/05/21 [ANNOUNCE] Apache Kyuubi Shaded released 0.1.0 Cheng Pan
2023/05/21 CVE-2023-31454: Apache InLong: IDOR make users can bind any cluster Charles Zhang
2023/05/21 CVE-2023-31453: Apache InLong: IDOR make users can delete others' subscription Charles Zhang
2023/05/21 CVE-2023-31206: Apache InLong: Attackers can change the immutable name and type of nodes Charles Zhang
2023/05/21 CVE-2023-31103: Apache InLong: Attackers can change the immutable name and type of cluster Charles Zhang
2023/05/21 CVE-2023-31101: Apache InLong: Users who joined later can see the data of deleted users Charles Zhang
2023/05/21 CVE-2023-31098: Apache InLong: Weak Password Implementation in InLong Charles Zhang
2023/05/21 CVE-2023-31066: Apache InLong: Insecure direct object references for inlong sources Charles Zhang
2023/05/21 CVE-2023-31065: Apache InLong: Insufficient Session Expiration in InLong Charles Zhang
2023/05/21 CVE-2023-31064: Apache InLong: Insecurity direct object references cancelling applications Charles Zhang
2023/05/21 CVE-2023-31062: Apache InLong: Privilege escalation vulnerability for InLong Charles Zhang
2023/05/21 CVE-2023-31058: Apache InLong: JDBC URL bypassing by adding blanks Charles Zhang
2023/05/20 [ANN] Apache Tomcat 8.5.89 available Christopher Schultz
2023/05/19 [ANNOUNCE] Apache XBean 4.23 release fpapon
2023/05/18 [ANNOUNCE] Apache Jackrabbit 2.16.x deprecated Julian Reschke
2023/05/17 [ANNOUNCEMENT] Apache Commons IO 2.12.0 Gary Gregory
2023/05/17 [ANNOUNCE] Apache SDAP (incubating) 1.1.0 Released Nga Chung
2023/05/16 [ANNOUNCE] Apache Airflow 2.6.1 Released Ephraim Anierobi
2023/05/16 [ANNOUNCE] Apache Pulsar Client C++ 3.2.0 released Yunze Xu
2023/05/16 [ANN] Apache TomEE 8.0.15 Richard Zowalla
2023/05/16 [ANNOUNCE] Apache Jackrabbit 1.52.0 released Julian Reschke
2023/05/16 [ANNOUNCE] Apache Beam 2.47.0 Released Jack McCluskey
2023/05/16 [ANNOUNCE] Apache Qpid proton-dotnet 1.0.0-M8 released Timothy Bish
2023/05/16 [ANNOUNCE] Apache Arrow ADBC 0.4.0 released David Li
2023/05/15 [ANNOUNCE] Apache Tika 2.8.0 released Tim Allison
2023/05/15 CVE-2022-47937: Multiple parsing problems in the Apache Sling Commons JSON module Robert Munteanu
2023/05/13 [ANNOUNCEMENT] Commons Daemon 1.3.4 Released Mark Thomas
2023/05/12 CVE-2023-29246: Apache OpenMeetings: allows null-byte Injection Maxim Solodovnik
2023/05/12 CVE-2023-29032: Apache OpenMeetings: allows bypass authentication Maxim Solodovnik
2023/05/12 CVE-2023-28936: Apache OpenMeetings: insufficient check of invitation hash Maxim Solodovnik
2023/05/11 [ANNOUNCE] Apache OpenMeetings 7.1.0 is released Maxim Solodovnik
2023/05/10 [ANN] Apache Tomcat 9.0.75 available Rémy Maucherat
2023/05/10 [ANNOUNCE] Apache flink-connector-gcp-pubsub v3.0.1 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache flink-connector-elasticsearch v3.0.1 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache flink-connector-pulsar v4.0.0 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache flink-connector-rabbitmq v3.0.1 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache flink-connector-opensearch v1.0.1 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache flink-shaded v17.0 released Martijn Visser
2023/05/10 [ANNOUNCE] Apache Jackrabbit Oak 1.8.x deprecated Julian Reschke
2023/05/10 [ANNOUNCE] Apache Lucene 9.6.0 released Alan Woodward
2023/05/09 [ANN] Apache Tomcat 11.0.0-M6 (alpha) available Mark Thomas
2023/05/08 [ANNOUNCE] Apache Jackrabbit 2.20.10 released Julian Reschke
2023/05/08 [ANN] Apache Syncope 2.1.14 Francesco Chicchiriccò
2023/05/08 [ANN] Apache Syncope 3.0.3 Francesco Chicchiriccò
2023/05/08 CVE-2023-25754: Apache Airflow: Privilege escalation using airflow logs Jarek Potiuk
2023/05/08 [ANNOUNCE] Apache Arrow 12.0.0 released Raúl Cumplido
2023/05/08 [ANNOUNCE] Apache Groovy 4.0.12 Released Paul King
2023/05/08 CVE-2023-31039: Apache bRPC: ServerOptions.pid_file may cause arbitrary code execution Wang Weibing
2023/05/08 CVE-2023-31038: Apache Log4cxx: SQL injection when using ODBC appender Robert Middleton
2023/05/08 CVE-2023-29247: Stored XSS on Apache Airflow Pierre Jeambrun
2023/05/06 [ANNOUNCE] Log4cxx 1.1.0 Released Robert Middleton
2023/05/06 [ANNOUNCE] Apache Kvrocks(incubating) 2.4.0 Released hulk
2023/05/05 [ANNOUNCE] Apache Qpid protonj2 1.0.0-M15 released Timothy Bish
2023/05/05 [ANNOUNCE] Apache Dubbo 3.0.x End-Of-Life (EOL) Announcement Albumen Kevin
2023/05/05 [ANNOUNCE] Apache Dubbo 2.7.x End-Of-Life (EOL) Announcement Albumen Kevin
2023/05/05 [ANNOUNCE] Apache Camel 4.0.0-M3 Released Gregor Zurowski
2023/05/05 [ANNOUNCE] Apache Ignite 2.15.0 Released Aleksey Plekhanov
2023/05/05 CVE-2021-40331: Apache Ranger Hive Plugin: Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled Ramesh Mani
2023/05/05 CVE-2022-45048: Apache Ranger: code execution vulnerability in policy expressions Madhan Neethiraj
2023/05/03 [ANNOUNCE] Apache Pulsar 3.0.0 released Zike Yang
2023/05/02 [ANNOUNCE] Apache Wicket 8.15.0 released Andrea Del Bene
2023/05/02 CVE-2023-26268: Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes Nick Vatamaniuc
2023/05/02 CVE-2023-32007: Apache Spark: Shell command injection via Spark UI Arnout Engelen
2023/05/02 [ANNOUNCE] Apache BookKeeper 4.16.1 released Hang Chen
2023/05/02 [ANNOUNCE] Apache BookKeeper 4.16.0 released Hang Chen
2023/05/01 [ANNOUNCE] Apache Solr 9.2.1 released Justin Sweeney
2023/04/30 [ANNOUNCE] Apache Airflow 2.6.0 Released Ephraim Anierobi
2023/04/30 [ANNOUNCE] Apache Drill 1.21.1 Released James Turton
2023/04/30 [ANNOUNCEMENT] Apache SkyWalking Python 1.0.1 Released Yihao Chen
2023/04/30 [ANNOUNCEMENT] Apache SkyWalking Python 1.0.1 Released Yihao Chen
2023/04/28 [ANNOUNCE] Apache Accumulo 1.10.3 Christopher
2023/04/28 [ANNOUNCE] Apache Curator 5.5.0 released Kezhu Wang
2023/04/28 [ANNOUNCE] Apache Curator 5.5.0 released Kezhu Wang
2023/04/27 [ANNOUNCE] Apache bRPC 1.5.0 released Xiguo Hu
2023/04/27 [ANNOUNCE] Apache Camel 3.20.4 (LTS) Released Gregor Zurowski
2023/04/26 [ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.3.0 Christophe Bornet
2023/04/26 [ANNOUNCE] Apache Empire-db 3.1.0 released doebele
2023/04/25 [ANNOUNCE] Apache CouchDB 3.3.2 released Jan Lehnardt
2023/04/25 [ANNOUNCE] Apache CouchDB 3.2.3 released Jan Lehnardt
2023/04/25 [ANNOUNCE] Apache Hudi 0.12.3 released Sivabalan
2023/04/24 [ANNOUNCE] Airflow Providers prepared on April 21, 2023 are released Elad Kalif
2023/04/24 [ANNOUNCE] Apache Solr Operator v0.7.0 released Houston Putman
2023/04/24 CVE-2023-22665: Apache Jena: Exposure of arbitrary execution in script engine expressions. Andy Seaborne
2023/04/24 CVE-2023-30776: Apache Superset: Database connection password leak Daniel Gaspar
2023/04/24 CVE-2023-27524: Apache Superset: Session validation vulnerability when using provided default SECRET_KEY Daniel Gaspar
2023/04/22 [ANNOUNCE] Apache Geronimo Arthur 1.0.6 fpapon
2023/04/20 CVE-2023-25601: Apache DolphinScheduler 3.0.0 to 3.1.1 python gateway has improper authentication Arnout Engelen
2023/04/20 [ANNOUNCE] Apache Pulsar 2.10.4 released Xiangying Meng
2023/04/20 [ANNOUNCE] Apache Pulsar Node.js client 1.8.2 released Baodi Shi
2023/04/20 [ANNOUNCE] Apache Pulsar 2.11.1 released guo jiwei
2023/04/19 [ANN] Apache Tomcat 10.1.8 available Christopher Schultz
2023/04/19 [ANN] Apache Tomcat 8.5.88 available Christopher Schultz
2023/04/19 [ANN] Apache Tomcat 11.0.0-M5 (alpha) available Mark Thomas
2023/04/19 [ANNOUNCE] Release Apache SkyWalking Client JS version 0.10.0 xue fan
2023/04/18 [ANNOUNCE] Apache NiFi MiNiFi C++ 0.14.0 release Gábor Gyimesi
2023/04/18 [ANNOUNCE] Apache Wicket 9.13.0 released Andrea Del Bene
2023/04/18 [ANN] Apache Tomcat 9.0.74 available Rémy Maucherat
2023/04/17 CVE-2023-27525: Apache Superset: Incorrect default permissions for Gamma role Daniel Gaspar
2023/04/17 CVE-2023-25504: Apache Superset: Possible SSRF on import datasets Daniel Gaspar
2023/04/16 [ANNOUNCE] Apache StreamPipes 0.91.0 Tim Bossenmaier
2023/04/16 CVE-2023-24831: Apache IoTDB grafana-connector Login Bypass Vulnerability Jialin Qiao
2023/04/16 CVE-2023-30771: Apache IoTDB Workbench: apache/iotdb-web-workbench: forge the JWTToken to access workbench Jialin Qiao
2023/04/16 CVE-2023-22946: Apache Spark proxy-user privilege escalation from malicious configuration class Sean R. Owen
2023/04/15 The Apache Software Foundation (ASF) welcomes 46 new Members Brian Proffitt
2023/04/15 [ANN] Apache ActiveMQ 5.18.1 has been released! Jean-Baptiste Onofré
2023/04/15 [ANNOUNCE] Apache Guacamole 1.5.1 Michael Jumper
2023/04/15 [ANNOUNCE] Apache Airflow Helm Chart version 1.9.0 Released Jedidiah Cunningham
2023/04/14 [ANNOUNCE] Apache DolphinScheduler Python SDK 4.0.3 Released Jay Chung
2023/04/14 [ANNOUNCE] Apache Qpid ProtonJ2 1.0.0-M14 released Timothy Bish
2023/04/13 [ANNOUNCE] Airflow Providers prepared on April 12, 2023 are released Elad Kalif
2023/04/13 [ANNOUNCE] Apache PDFBox 2.0.28 released Andreas Lehmkuehler
2023/04/13 [ANNOUNCE] Apache SkyWalking Java Agent 8.15.0 released Sheng Wu
2023/04/12 [ANNOUNCE] Airflow Providers prepared on April 09, 2023 are released Elad Kalif
2023/04/12 CVE-2022-45064: Apache Sling Engine: Include-based XSS Angela Schreiber
2023/04/11 CVE-2023-30465: Apache InLong: SQL injection in apache inLong 1.5.0 Charles Zhang
2023/04/11 CVE-2023-30465: Apache InLong: SQL injection in apache inLong 1.5.0 Charles Zhang
2023/04/11 [ANNOUNCE] Apache Impala 4.1.2 release Quanlong Huang
2023/04/11 [Announcement] : Apache LDAP API 2.1.2 Emmanuel Lecharny
2023/04/10 [ANNOUNCE] Apache Uniffle(Incubating) 0.7.0 available Junfan Zhang
2023/04/10 CVE-2022-47501: Apache OFBiz: Arbitrary file reading vulnerability Jacques Le Roux
2023/04/10 [ANNOUNCE] Apache OFBiz 18.12.07 released Jacopo Cappellato
2023/04/10 CVE-2023-29216: Apache Linkis DatasourceManager module has a deserialization command execution Heping Wang
2023/04/10 CVE-2023-29215: Apache Linkis JDBC EngineCon has a deserialization command execution Heping Wang
2023/04/10 CVE-2023-27987: Apache Linkis gateway module token authentication bypass Heping Wang
2023/04/10 CVE-2023-27603: Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue Heping Wang
2023/04/10 CVE-2023-27602: Apache Linkis publicsercice module unrestricted upload of file Heping Wang
2023/04/09 [ANNOUNCE] Apache Jackrabbit Oak 1.22.15 released Julian Reschke
2023/04/07 [ANNOUNCE] Apache NiFi 1.21.0 release. Joe Witt
2023/04/07 CVE-2023-28710: Apache Airflow Spark Provider Arbitrary File Read via JDBC Jarek Potiuk
2023/04/07 CVE-2023-28706: Apache Airflow Hive Provider Beeline Remote Command Execution Jarek Potiuk
2023/04/07 CVE-2023-28707: Airflow Apache Drill Provider Arbitrary File Read Vulnerability Jarek Potiuk
2023/04/07 [ANNOUNCEMENT] Apache HTTP Server 2.4.57 Released covener
2023/04/07 [ANNOUNCE] Apache Linkis 1.3.2 available Ling Xu
2023/04/06 [ANNOUNCE] Airflow Providers prepared on April 02, 2023 are ready Elad Kalif
2023/04/05 [ANNOUNCE] Apache Jackrabbit 2.21.16 released Julian Reschke
2023/04/04 CVE-2022-46365: Apache StreamPark (incubating): Logic error causing any account reset Huajie Wang
2023/04/04 CVE-2022-45802: Apache StreamPark (incubating): Upload any file to any directory Huajie Wang
2023/04/04 CVE-2022-45801: Apache StreamPark (incubating): LDAP Injection Vulnerability Huajie Wang
2023/04/04 [ANNOUNCE] Apache Teaclave (incubating) 0.5.0 released He Sun
2023/04/04 [ANNOUNCE] Apache Teaclave (incubating) 0.5.0 released He Sun
2023/04/04 [ANNCOUNCE] Apache Flume Spring Boot 2.0.0 released Ralph Goers
2023/04/03 [ANNOUNCE] Apache Pulsar Go Client 0.10.0 released Zike Yang
2023/04/03 [ANNOUNCE] Apache Camel 3.18.6 (LTS) Released Gregor Zurowski
2023/04/03 [ANNOUNCE] Apache IoTDB 1.1.0 released Haonan Hou
2023/04/03 [ANNOUNCE] Release Apache DolphinScheduler 3.0.5 Jay Chung
2023/04/01 [ANNOUNCE] Release Apache Hop 2.4.0 Bart Maertens
2023/04/01 [ANNOUNCE] Apache Airflow 2.5.3 Released Pierre Jeambrun
2023/04/01 [ANNOUNCEMENT] Apache XalanJ 2.7.3 Mukul Gandhi
2023/04/01 [ANNOUNCE] Apache Ranger 2.4.0 released Selvamohan Neethiraj
2023/03/31 [ANNOUNCE] Apache Qpid ProtonJ2 1.0.0-M13 released Timothy Bish
2023/03/31 [ANNOUNCEMENT] Apache Portable Runtime 1.7.3 Released rpluem
2023/03/31 CVE-2023-26269: Apache James server: Privilege escalation through unauthenticated JMX Benoit Tellier
2023/03/31 [ANNOUNCE] Apache James 3.7.4 released Benoit TELLIER
2023/03/31 [ANNOUNCE] Apache Groovy 4.0.11 Released Paul King
2023/03/31 [ANNOUNCE] Apache ShardingSphere 5.3.2 available 吴伟杰
2023/03/31 [ANNOUNCE] Apache ShardingSphere ElasticJob 3.0.3 available 吴伟杰
2023/03/31 [ANNOUNCE] Apache Groovy 3.0.17 Released Paul King
2023/03/31 [ANNOUNCE] Apache Groovy 2.5.22 Released Paul King
2023/03/30 CVE-2023-28935: Apache UIMA DUCC: DUCC (EOL) allows RCE Arnout Engelen
2023/03/29 [ANNOUNCE] Apache Camel 3.20.3 (LTS) Released Gregor Zurowski
2023/03/29 [ANNOUNCEMENT] Apache Commons Configuration 2.9.0 Gary Gregory
2023/03/29 n/a: CVE-2023-28158: Apache Archiva privilege escalation Olivier Lamy
2023/03/28 CVE-2023-28326: Apache OpenMeetings: allows user impersonation Maxim Solodovnik
2023/03/28 [ANNOUNCE] Apache DolphinScheduler SDK Python 4.0.2 Released Jay Chung
2023/03/27 [ANNOUNCE] Apache Solr 9.2.0 released Houston Putman
2023/03/27 CVE-2023-25196: Apache Fineract: SQL injection vulnerability James Dailey
2023/03/27 CVE-2023-25197: apache fineract: SQL injection vulnerability in certain procedure calls James Dailey
2023/03/27 CVE-2023-25195: Apache Fineract: SSRF template type vulnerability in certain authenticated users James Dailey
2023/03/27 CVE-2023-27296: Apache InLong: JDBC Deserialization Vulnerability in InLong Charles Zhang
2023/03/26 [ANN] Apache Causeway version 2.0.0-RC1 Released Dan Haywood
2023/03/26 [ANN] Apache ActiveMQ 5.18.0 has been released! Jean-Baptiste Onofré

Earlier messages