[CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability

2019-03-26 Thread Juan Pablo Santos Rodríguez
Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache JSPWiki up to 2.11.0.M2 Description: A carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to

[CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure

2019-03-26 Thread Juan Pablo Santos Rodríguez
Severity: High Vendor: The Apache Software Foundation Versions Affected: Apache JSPWiki up to 2.11.0.M2 Description: A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki, which could be used by an attacker to obtain registered

[ANNOUNCEMENT] Apache Commons BCEL 6.3.1

2019-03-26 Thread Gary Gregory
The Apache Commons BCEL team is pleased to announce the release of Apache Commons BCEL 6.3.1! The Byte Code Engineering Library (BCEL) is intended to give users a convenient way to analyze, create, and manipulate compiled .class files. Classes are represented by objects containing all the

[ANNOUNCE] Apache Kafka 2.2.0

2019-03-26 Thread Matthias J. Sax
The Apache Kafka community is pleased to announce the release for Apache Kafka 2.2.0 - Added SSL support for custom principal name - Allow SASL connections to periodically re-authenticate - Command line tool bin/kafka-topics.sh adds AdminClient support - Improved consumer group management

[ANNOUNCE] Apache Calcite 1.19.0 released

2019-03-26 Thread Kevin Risden
The Apache Calcite team is pleased to announce the release of Apache Calcite 1.19.0. Calcite is a dynamic data management framework. Its cost-based optimizer converts queries, represented in relational algebra, into executable plans. Calcite supports many front-end languages and back-end data

[ASF at 20] Our Founders look back on 20 Years of the ASF!

2019-03-26 Thread Sally Khudairi
[this interview, along with photos and links, are available online at https://s.apache.org/ASF20th-Founders ] We recently connected with six of the original 21 Founders of The Apache Software Foundation to take a look back at 20 years of the ASF. Joining us are Sameer Parekh Brenn, Mark Cox,

[ASF at 20] 20 Years of Open Source Innovation, The Apache Way

2019-03-26 Thread Sally Khudairi
[this post is available online at https://s.apache.org/CmA3 and https://opensource.com/article/19/3/apache-projects ] by Jim Jagielski and Sally Khudairi As the world’s largest and one of the most influential open source foundations, The Apache Software Foundation (ASF) is home to more than

The Apache® Software Foundation Celebrates 20 Years of Community-led Development "The Apache Way"

2019-03-26 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ASF20thAnniversary ] The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 20th Anniversary, celebrating "The Apache