The Apache Qpid (http://qpid.apache.org) community is pleased to
announce the immediate availability of Apache protonj2 1.0.0-M19.
This is the latest release of our AMQP Java client supporting the
Advanced Message Queuing Protocol 1.0 (AMQP 1.0, ISO/IEC 19464,
http://www.amqp.org), based around
Severity: important
Affected versions:
- Apache Solr 9.0.0 before 9.3.0
Description:
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in
Apache Solr.
The Solr Metrics API publishes all unprotected environment variables available
to each Apache Solr instance. Users are
Severity: low
Affected versions:
- Apache Shiro before 1.13.0
- Apache Shiro 2.0.0-alpha-1 before 2.0.0-alpha-4
Description:
Apache Shiro before 1.130 or 2.0.0-alpha-4, may be susceptible to a path
traversal attack that results in an authentication bypass when used together
with path
Apache Cocoon 2.1 and 3.0 retired
-
After the recent release of Cocoon 2.3.0, the Apache Cocoon Community has
decided to retire both 2.1 and 3.0 versions, to focus on further
developments
of the 2.3 branch
The 2.1 branch was first released