Fwd: [ANNOUNCE] Apache XMLBeans 5.0.2 release

2021-10-21 Thread PJ Fanning
The Apache POI project is pleased to announce the release of Apache XMLBeans 5.0.2. The POI team took over the ownership of XMLBeans since version 3.0.0. See the downloads page for binary and source distributions: https://xmlbeans.apache.org/download Release Notes Changes The

[ANNOUNCE] Apache Qpid JMS 1.3.0 released

2021-10-21 Thread Robbie Gemmell
The Apache Qpid (https://qpid.apache.org) community is pleased to announce the immediate availability of Apache Qpid JMS 1.3.0. This is the latest release of our newer JMS client supporting the Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464, https://www.amqp.org), based around the

[ANNOUNCE] Apache Flink 1.13.3 released

2021-10-21 Thread Chesnay Schepler
The Apache Flink community is very happy to announce the release of Apache Flink 1.13.3, which is the third bugfix release for the Apache Flink 1.13 series. Apache Flink® is an open-source stream processing framework for distributed, high-performing, always-available, and accurate data

[ANNOUNCE] Apache Ant 1.10.12 released

2021-10-21 Thread Jaikiran Pai
The Apache Ant Team is pleased to announce the release of Apache Ant 1.10.12. Apache Ant is a Java library and command-line tool that helps building software. The Apache Ant team currently maintains two lines of development. The 1.9.x releases require Java 5 at runtime and 1.10.x

CVE-2021-40865: Apache Storm: Unsafe Pre-Authentication Deserialization In Workers

2021-10-21 Thread Derek Dagit
Severity: high Description: An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to

CVE-2021-38294: Apache Storm: Shell Command Injection Vulnerability in Nimbus Thrift Server

2021-10-21 Thread Derek Dagit
Severity: high Description: A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to