Happy Friday, everyone. The Apache community has had another great week. Let's review what we've been up to:
ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
- Next Board Meeting: 19 January 2022. Board calendar and minutes https://apache.org/foundation/board/calendar.html
ASF Infrastructure – our distributed team on three continents keeps the ASF's infrastructure running around the clock.
7M+ weekly checks yield uptime at 99.99%. Performance checks across 50
different service components spread over more than 250 machines in data
centers around the world. View the ASF's Infrastructure Uptime site to see the most recent averages.
Apache Code Snapshot –
Over the past week, 317 Apache Committers changed 9,133,089 lines of
code over 3,258 commits. Top 5 contributors, in order, are: Gary Gregory, Harikrishna Patnala, Claus Ibsen, Duo Zhang, and Andi Huber.
Apache Project Announcements – the latest updates by category.
- Apache Log4j 2.3.1, 2.12.3, and 2.17.0 released
-- CVE-2021-45105: Log4j2 does not always protect from infinite recursion in lookup evaluation
- Apache MXNet (Incubating) 1.9.0 released
- Apache Daffodil 3.2.1 released
- Apache HTTP Server 2.4.52 released
-- CVE-2021-44790: Possible buffer overflow when parsing multipart content in mod_lua
-- CVE-2021-44224: Possible NULL dereference or SSRF in forward proxy configurations
- Apache HttpComponents Core 5.1.3 GA released
- Apache Struts 220.127.116.11 and 18.104.22.168 released
Did You Know?
- Did you know that ASF Security posted the status of more than three
dozen Apache Projects in relation to the recent Apache Log4j
vulnerability? https://blogs.apache.org/security/entry/cve-2021-44228 (please check individual projects not included in this list for updates)
- Did you know that Apache Roller (which powers blogs.apache.org)
new v6.1.0 contains upgrades for more than a dozen dependencies
(including Log4j), along with many bug fixes and improvements to the
code base? https://roller.apache.org/
- Did you know that tax-deductible donations support the ASF's day-to-day
operations that benefit 350+ Apache Projects and their communities?
Donate online using ACH, credit card, PayPal, Apple Pay, Google Pay, and
Microsoft Pay https://donate.apache.org/
Apache Community Notices
- The Apache Way to Sustainable Open Source Success
- Presentations from 2021's ApacheCon Asia and ApacheCon@Home are available on the ASF YouTube channel.
- "Success at Apache" focuses on the people and processes behind why the ASF "just works."
- Inside Infra: the new interview series with members of the ASF infrastructure team --meet
Chris Thistlethwaite https://s.apache.org/InsideInfra-Chris
Drew Foulks https://s.apache.org/InsideInf
Greg Stein Part I https://s.apache.org/InsideInfra-Greg
...Part II https://s.apache.org/InsideInfra-Greg2 and Part III https://s.apache.org/InsideInfra-Greg3
Daniel Gruno Part I https://s.apache.org/InsideInfra-Daniel1 and Part II https://s.apache.org/InsideInfra-Daniel2
Gavin McDonald Part I https://s.apache.org/InsideInfra-Gavin and Part II https://s.apache.org/InsideInfra-Gavin2
Andrew Wetmore Part I https://s.apache.org/InsideInfra-Andrew and Part II https://s.apache.org/InsideInfra-Andrew2
Chris Lambertus Part I https://s.apache.org/InsideInfra-ChrisL and Part II https://s.apache.org/InsideInfra-ChrisL2
Stay updated about The ASF
real-time updates, sign up for Apache-related news by sending mail to
firstname.lastname@example.org and follow @TheASF on Twitter. For a
broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.