The Apache News Round-up: week ending 27 July 2018

Farewell, July! Let’s check out the Apache community’s activities from the past week:

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation’s bylaws.
 – Next Board Meeting: 15 August. Board calendar and minutes

ApacheCon™ –the ASF’s official global conference series. Join us!
 – 24-27 September: Registration for ApacheCon North America/Montreal is open
 – 8 October: Apache Roadshow and Open Source Job Fair/Fairfax, VA –Save The Date!
 – Media and Community Partner opportunities available for *all* official Apache events: drop us a note at to help.

ASF Infrastructure –our distributed team on three continents keeps the ASF’s infrastructure running around the clock.
 – 7M+ weekly checks yield zippity performance at 93.91% uptime.

ASF Operations Factoid –this week, 506 Apache contributors changed 968,003 lines of code over 3,133 commits. Top 5 contributors, in order, are: Tellier Benoit, Karl Heinz Marbaise, Andrea Cosentino, Roberto Cortez, and Gary Gregory.

Apache Accumulo™ –a sorted, distributed key/value store that provides robust, scalable Big Data storage and retrieval.
 – Apache Accumulo 1.9.2 released

Apache Calcite™ –a framework for writing Big Data management systems.
 – Apache Calcite 1.17.0 released

Apache Directory™ Fortress –computer security access management facility written in Java.
 – Apache Fortress 2.0.1 released

Apache HBase™ –Open Source, distributed, versioned, non-relational database.
 – Apache HBase 2.1.0 released

Apache HttpComponents™ HttpAsyncClient–a library for client-side HTTP communication built on HttpCore.
 – HttpComponents HttpAsyncClient 4.1.4 GA released

Apache Kafka™ –distributed, fault tolerant, publish-subscribe messaging.
 – CVE-2017-12610: Authenticated Kafka clients may impersonate other users
 – CVE-2018-1288: Authenticated Kafka clients may interfere with data replication

Apache OpenWhisk (incubating) –distributed serverless computing platform.
 – CVE-2018-11756 PHP Runtime for Apache OpenWhisk
 – CVE-2018-11757 Docker Skeleton Runtime for Apache OpenWhisk

Apache Qpid™ –messaging tools that speak AMQP and support many languages and platforms.
 – Apache Qpid JMS 0.35.0 released

Apache Tomcat™ –an Open Source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
 – CVE-2018-8019 Apache Tomcat Native Connector – Mishandled OCSP invalid response
 – CVE-2018-8020 Apache Tomcat Native Connector – Mishandled OCSP responses can allow clients to authenticate with revoked certificates
 – CVE-2018-1336 Apache Tomcat – Denial of Service
 – CVE-2018-8037 Apache Tomcat – Information Disclosure
 – CVE-2018-8034 Apache Tomcat – Security Constraint Bypass

Did You Know?

 – Did you know that you can easily help promote ApacheCon?

 – Did you know that you can achieve Machine Learning on SQL by using Apache Hivemall (incubating) on Apache Hive or Apache Spark?

 – Did you know that the highest code contribution value during FY2018 was by Apache Mynewt? $61,769,063 worth of code!

Apache Community Notices:

 – ASF Annual Report for FY2018

 – The Apache Software Foundation Celebrates 19 Years of Open Source Leadership "The Apache Way"

 – Read "Open – For Business – At the ASF" by Merv Adrian, VP Research at Gartner

 – The Apache Software Foundation 2018 Vision Statement

 – Apache in 2017 – By The Digits

 – Foundation Statement –Apache Is Open.

 – "Success at Apache" focuses on the processes behind why the ASF "just works".

 – Please follow/like/re-tweet the ASF on social media: @TheASF on Twitter and on LinkedIn at

 – Do friend and follow us on the Apache Community Facebook page Twitter account

 – The list of Apache project-related MeetUps can be found at

 – ApacheCon North America will be held 24-27 September in Montreal

 – Save the Date: Apache Roadshow DC and Open Source/Government/Cyber/Job Fair – 8 October 2018 in Fairfax, VA

 – Find out how you can participate with Apache community/projects/activities –opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more!

 – Are your software solutions Powered by Apache? Download & use our "Powered By" logos
= = =
For real-time updates, sign up for Apache-related news by sending mail to and follow @TheASF on Twitter. For a broader spectrum from the Apache community, provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #