The Apache News Round-up: week ending 14 July 2017

We’ve had a booming week! Here’s what the Apache community has been up to:

Support Apache –your contributions through the ASF Sponsorship program and individual donations help sustain 300+ freely-available Open Source projects. Every dollar counts.

ASF Board –management and oversight of the business and affairs of the corporation in accordance with the Foundation’s bylaws.
 – Next Board Meeting: 19 July 2017. Board calendar and minutes
 – ASF Annual Report for 2017 Fiscal Year

ASF Infrastructure –our distributed team on four continents keeps the ASF’s infrastructure running around the clock.
 – 7M+ weekly checks yield great performance at 97.03% uptime

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 – Apache Jackrabbit 2.14.2 released

Apache HAWQ (incubating) –an advanced enterprise SQL-on-Hadoop analytic engine.
 – Apache HAWQ released

Apache HTTP Server™ –the world’s most popular Web server.
 – Apache HTTP Server 2.2.34 and 2.4.27 2.2.34 released
 – CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2
 – CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest

Apache Impala (Incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 – CVE-2017-5652 Apache Impala (incubating) Information Disclosure
 – CVE-2017-5640 Apache Impala (incubating) Information Disclosure

Apache Lucene™ Solr –an Open Source enterprise search server based on the Lucene Java search library.
 – CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr

Apache ODE™ –a WS-BPEL 1.1/2.0 compliant Web services orchestration engine.
 – Apache ODE 1.3.7 released

Apache Olingo™ –a Java library that enables developers to implement OData producers and OData consumers.
 – Apache Olingo 2.0.9 released

Apache OpenMeetings™ –provides video conferencing, instant messaging, white board, collaborative document editing and other groupware tools.
 – Apache OpenMeetings 3.3.0 released

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text.
 – Apache OpenNLP 1.8.1 released

Apache OpenWebBeans™ –a CDI container (Contexts and Dependency Injection for Java) and targets the CDI-1.2 specification (JavaEE 7).
 – Apache OpenWebBeans-1.7.4 released

Apache Phoenix™ –enables SQL-based OLTP and operational analytics for Apache Hadoop.
 – Apache Phoenix 4.11 released

Apache Struts™ –a comprehensive and modular tooling stack for creating Web-based Java applications.
 – Apache Struts 2: possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series
 – Apache Struts 2.5.12 GA with Security Fixes released

Apache Subversion™ –an Open Source, centralized version control system.
 – Apache Subversion 1.8.18 released

Apache Tika™ –a toolkit for detecting and extracting metadata and structured text content from various documents using existing parser libraries.
 – Apache Tika 1.16 released

Apache Wicket™ –an Open Source Java component oriented Web application framework.
 – Apache Wicket 7.8.0 released

Apache Yetus™ –a collection of libraries and tools that enable contribution and release processes for software projects. – Apache Yetus 0.5.0 released

Did You Know?

 – Did you know that if your employer has a matching gift program, your contribution to the ASF can be generously increased and will help even more to support its mission?

 – Did you know that the Apache Incubator site had a redesign/facelift?

 – Did you know that the value to users from Apache OpenOffice’s 200+M downloads (over the past year) exceeds $25M per day?

Apache Community Notices:

 – "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence 2) All Carrot and No Stick 3) Asynchronous Decision Making 4) Rule of the Makers 5) JFDI –the unconditional love of contributors 6) Meritocracy and Me 7) Learning to Build a Stronger Community

 – Presentations from ApacheCon and Apache: Big Data are available; as well as videos and audio recordings

 – Check out the Apache Community Development blog

 – Do friend and follow us on the Apache Community Facebook page and Twitter account

 – Apache ActiveMQ Call For Logo

 – The list of Apache project-related MeetUps can be found at

 – The CloudStack European User Group will be held 17 August in London

 – Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco

 – ASF Annual Report

 – Find out how you can participate with Apache community/projects/activities –opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more!

 – Are your software solutions Powered by Apache? Download & use our "Powered By" logos

= = =
For real-time updates, sign up for Apache-related news by sending mail to and follow @TheASF on Twitter. For a broader spectrum from the Apache community, provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #