[ANNOUNCE] Apache Jackrabbit Oak 1.22.5 released

The Apache Jackrabbit community is pleased to announce the release of Apache Jackrabbit Oak 1.22.5. The release is available for download at: http://jackrabbit.apache.org/downloads.html See the full release notes below for details about this release: Release Notes -- Apache Jackrabbit Oak

[CVE-2020-13957] The checks added to unauthenticated configset uploads in Apache Solr can be circumvented

Severity: High Vendor: The Apache Software Foundation Versions Affected: 6.6.0 to 6.6.5 7.0.0 to 7.7.3 8.0.0 to 8.6.2 Description: Solr prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without auth

The Apache Software Foundation Operations Summary: 1 May - 31 July 2020

[this announcement is available online at https://s.apache.org/2mefr ] FOUNDATION OPERATIONS SUMMARY First Quarter, Fiscal Year 2021 (May - July 2020) "This Foundation has survived more than two decades of change in the software industry and is stronger now than ever before." —Roy Fielding, ASF

Inside Infra: Daniel Gruno --Part II

[this interview is available online at https://s.apache.org/InsideInfra-Daniel2 ] The "Inside Infra" series with members of the ASF Infrastructure team continues with Part II of the interview with Daniel Gruno, who shares his experience with Sally Khudairi, ASF VP Marketing & Publicity. - - -

[SECURITY] CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up

CVE-2020-13943 Apache Tomcat HTTP/2 Request mix-up Severity: Moderate Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 10.0.0-M1 to 10.0.0-M7 Apache Tomcat 9.0.0.M5 to 9.0.37 Apache Tomcat 8.5.1 to 8.5.57 Description: If an HTTP/2 client exceeded the agreed maximum number

[ANNOUNCE] Apache Wicket 9.1.0 released

The Apache Wicket PMC is proud to announce Apache Wicket 9.1.0! Apache Wicket is an open source Java component oriented web application framework that powers thousands of web applications and web sites for governments, stores, universities, cities, banks, email providers, and more. You can find m

[ANNOUNCEMENT] Apache SkyWalking CLI 0.4.0 Released

Hi the SkyWalking Community On behalf of the SkyWalking CLI Team, I’m glad to announce that SkyWalking CLI 0.4.0 is now released. SkyWalking CLI: A command line interface for SkyWalking. SkyWalking: APM (application performance monitor) tool for distributed systems, especially designed for micro

[ANN] Apache Tomcat 10.0.0-M9 available

The Apache Tomcat team announces the immediate availability of Apache Tomcat 10.0.0-M9. Apache Tomcat 10 is an open source software implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Authentication and Jakarta Annotations specificat

[ANN] Apache Tomcat 9.0.39 available

The Apache Tomcat team announces the immediate availability of Apache Tomcat 9.0.39. Apache Tomcat 9 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and JASPIC technologies. Apache Tomcat 9.0.39 is a bugfix and feat

[ANN] Apache Tomcat 8.5.59 available

The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.5.59. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers t