[this report is available online at https://s.apache.org/tbyxg ]
Synopsis: This report explores the state of security across all Apache Software
Foundation projects for the calendar year 2019. We review key metrics, specific
vulnerabilities, and the most common ways users of ASF projects were af
[this newsletter is available online at https://s.apache.org/s70bu ]
Farewell, January --we're wrapping up the month with another great
week. Here are the latest updates on the Apache community's
activities:
ASF Board – management and oversight of the business affairs of the
corporation in accord
Apache SpamAssassin 3.4.4 was recently released [1], and fixes an issue
of security note where nefarious rule configuration (.cf) files can be
configured to run system commands similar to CVE-2018-11805. With this
bug unpatched, exploits can be injected in a number of scenarios
including the same