[CVE-2019-0224] Apache JSPWiki Cross-site scripting vulnerability

2019-03-26 Thread Juan Pablo Santos Rodríguez
Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Apache JSPWiki up to 2.11.0.M2 Description: A carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to exe

[CVE-2019-0225] Apache JSPWiki Local File Inclusion (limited ROOT folder) vulnerability leads to user information disclosure

2019-03-26 Thread Juan Pablo Santos Rodríguez
Severity: High Vendor: The Apache Software Foundation Versions Affected: Apache JSPWiki up to 2.11.0.M2 Description: A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki, which could be used by an attacker to obtain registered users'

[ANNOUNCEMENT] Apache Commons BCEL 6.3.1

2019-03-26 Thread Gary Gregory
The Apache Commons BCEL team is pleased to announce the release of Apache Commons BCEL 6.3.1! The Byte Code Engineering Library (BCEL) is intended to give users a convenient way to analyze, create, and manipulate compiled .class files. Classes are represented by objects containing all the symbolic

[ANNOUNCE] Apache Kafka 2.2.0

2019-03-26 Thread Matthias J. Sax
The Apache Kafka community is pleased to announce the release for Apache Kafka 2.2.0 - Added SSL support for custom principal name - Allow SASL connections to periodically re-authenticate - Command line tool bin/kafka-topics.sh adds AdminClient support - Improved consumer group management -

[ANNOUNCE] Apache Calcite 1.19.0 released

2019-03-26 Thread Kevin Risden
The Apache Calcite team is pleased to announce the release of Apache Calcite 1.19.0. Calcite is a dynamic data management framework. Its cost-based optimizer converts queries, represented in relational algebra, into executable plans. Calcite supports many front-end languages and back-end data engi

[ASF at 20] Our Founders look back on 20 Years of the ASF!

2019-03-26 Thread Sally Khudairi
[this interview, along with photos and links, are available online at https://s.apache.org/ASF20th-Founders ] We recently connected with six of the original 21 Founders of The Apache Software Foundation to take a look back at 20 years of the ASF. Joining us are Sameer Parekh Brenn, Mark Cox, La

[ASF at 20] 20 Years of Open Source Innovation, The Apache Way

2019-03-26 Thread Sally Khudairi
[this post is available online at https://s.apache.org/CmA3 and https://opensource.com/article/19/3/apache-projects ] by Jim Jagielski and Sally Khudairi As the world’s largest and one of the most influential open source foundations, The Apache Software Foundation (ASF) is home to more than 35

The Apache® Software Foundation Celebrates 20 Years of Community-led Development "The Apache Way"

2019-03-26 Thread Sally Khudairi
[this announcement is available online at https://s.apache.org/ASF20thAnniversary ] The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today its 20th Anniversary, celebrating "The Apache W