Welcome, September –we’re opening the month with another great week. Here’s what the Apache community has been up to:
ApacheCon™ – the ASF’s official global conference series, bringing Tomorrow’s Technology Today since 1998.
- Registrations are open for ApacheCon North America, 2022 https://www.apachecon.com/acna2022/register.html
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation’s bylaws.
- Next Board Meeting: 21 September 2022. Running Board calendar and minutes are available.
ASF Infrastructure – our distributed team on three continents keeps the ASF’s infrastructure running around the clock.
- 7M+ weekly checks yield uptime at 100.00%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. View the ASF’s Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot – Over the past week, 277 Apache Committers and 809 contributors changed 8,094,967 lines of code over 4,075 commits. Top five contributors, in order, are: Robbie Gemmell, Gary Gregory, Jean-Baptiste Onofré, Claus Ibsen, and Andi Huber.
Apache Project Announcements – the latest updates by category.
Attic – provides process and solutions when an Apache project has reached its end of life.
- Apache Buildr is now retired
- Apache REEF is now retired
- Apache APISIX 2.13.3 released
- Apache ShenYu CVE-2022-37435: Admin Improper Privilege Management
Big Data –
- Apache XMLBeans 5.1.1 released
Enterprise Processes Automation / ERP –
- Apache OFBiz 18.12.06 released
- CVE-2022-25813: Server-Side Template Injection
- CVE-2022-29158: Regular Expression Denial of Service (ReDoS)
- CVE-2022-29063: Java Deserialization via RMI Connection
- CVE-2022-25370: Unauth Stored XSS
- Apache OFBiz 18.12 End-Of-Life (EOL) announcement https://s.apache.org/zkc1x
- Apache EventMesh (incubating) 1.6.0 released
- Apache Geode
- CVE-2022-37021: Deserialization of untrusted data flaw when using JMX over RMI on Java 8.
- CVE-2022-37022: Deserialization of untrusted data flaw when using JMX over RMI on Java 11
- CVE-2022-37023: Deserialization of untrusted data flaw when using REST API on Java 8 or Java 11
- Apache Fineract 1.8.0 released
- Apache Qpid ProtonJ2 1.0.0-M8 released
- Apache SkyWalking 9.2.0 released
Apache Community Notices
- Apache in 2021 – By The Digits + Video highlights
- The Apache Way to Sustainable Open Source Success
- Foundation Reports and Statements
- Presentations from 2021’s ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- “Success at Apache” focuses on the people and processes behind why the ASF “just works.”
- Follow the ASF on social media: @TheASF on Twitter and The ASF page LinkedIn.
- Follow the Apache Community on Facebook and Twitter.
- Are your software solutions Powered by Apache? Download & use our “Powered By” logos.
Stay updated about The ASF
For real-time updates, sign up for Apache-related news by sending mail to email@example.com and follow @TheASF on Twitter. For a broader spectrum from the Apache community, Planet Apache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.
Have an item? Contact us!
We try to catch all the major announcements and goings on at The ASF, but we’re not all-knowing. Have an item you want to see in the weekly round-up? Send it to firstname.lastname@example.org.