The week has zipped by –it’s Friday already– and it’s time to take a
look at what the Apache community has been up to over the past week:

ASF Board – management and oversight of the business affairs of the corporation in accordance with the Foundation’s bylaws.
 – Next Board Meeting: 21 July 2021. Board calendar and minutes https://apache.org/foundation/board/calendar.html

ApacheCon™ – the ASF’s official global conference series, bringing Tomorrow’s Technology Today since 1998. ApacheCon Asia (6-8 August) and ApacheCon@Home (21-23 September) are being held online and free-of-charge:
 – The Apache® Software Foundation Welcomes its Global Community Online at ApacheCon Asia https://s.apache.org/ACAsia2021
 – Program, registration, and Sponsorship opportunities available for both events https://www.apachecon.com/

ASF Infrastructure – our distributed team on three continents keeps the ASF’s infrastructure running around the clock.
 – 7M+ weekly checks yield uptime at 99.96%. Performance checks across 50 different service components spread over more than 250 machines in data centers around the world. http://www.apache.org/uptime/

Apache Code Snapshot – Over the past week, 339 Apache Committers changed 1,212,020 lines of
code over 2,824 commits. Top 5 contributors, in order, are: Gary Gregory, Andrea Cosentino, Alex Herbert, Till Rohrmann, and Shen Yi.     

Apache Project Announcements – the latest updates by category.

Big Data —
 – Apache Beam 2.31.0 released https://beam.apache.org/
 – Apache XMLBeans 5.0.1 released  https://xmlbeans.apache.org/

Build Management —
 – Apache Ant 1.9.16 and 1.10.11 released https://ant.apache.org/
   — CVE-2021-36374: ZIP and ZIP based, archive denial of
service https://s.apache.org/zpczu
   — CVE-2021-36373: TAR archive denial of service https://s.apache.org/4q75p

Content —
 – Apache Jackrabbit 2.21.7 released http://jackrabbit.apache.org/

Identity Management —
 – Apache Fortress 2.0.6 released http://directory.apache.org/fortress/

Integration —
 – Apache Camel 3.7.5 released https://camel.apache.org/

Libraries —
 – Apache Commons Compress 1.21 released https://commons.apache.org/compress/
   — CVE-2021-36090: Compress 1.0 to 1.20 denial of
service vulnerability https://s.apache.org/q8amn
   — CVE-2021-35517: Compress 1.1 to 1.20 denial of
service vulnerability https://s.apache.org/c62m8
   — CVE-2021-35516: Compress 1.6 to 1.20 denial of
service vulnerability https://s.apache.org/10vmz
   — CVE-2021-35515: Compress 1.6 to 1.20 denial of
service vulnerability https://s.apache.org/nr26m 
 – Apache Commons IO 2.11.0 released https://commons.apache.org/proper/commons–io

Messaging —
 – Apache Qpid JMS 1.1.0 released https://qpid.apache.org/

Network Client/Server —
 – Apache MINA CVE-2021-30129: DoS/OOM leak vulnerability in SSHD Server https://s.apache.org/3oiwl

Observability —
 – Apache SkyWalking Client JS 0.6.0 released https://skywalking.apache.org/

Servers —
 – Apache Tomcat CVE-2021-30639: Denial of Service https://s.apache.org/j21aj
   — CVE-2021-33037: HTTP request smuggling https://s.apache.org/9sjso
   — CVE-2021-30640: JNDI realm authentication weakness https://s.apache.org/hcsp0

Web Frameworks —
 – Apache Wicket 8.13.0 released https://wicket.apache.org/

Did You Know?

– Did you know that Airbnb’s Minerva observability platform uses Apache Druid to achieve metric consistency at scale? https://druid.apache.org/ 

– Did you know that the Apache Ignite 3.0.0 Alpha 2 Build Community Gathering will take place on 20 July? https://ignite.apache.org/

– Did you know that the next ApacheTVM community meeting will take place online on 22 July? https://tvm.apache.org/community 

Apache Community Notices

– The Apache Month in Review: June 2021 https://s.apache.org/June2021 and video highlights https://youtu.be/yIE8SSHw2iw

– The Apache® Software Foundation Celebrates 22 Years of Open Source Leadership – world’s largest Open Source foundation advances community-led innovation “The Apache Way” https://s.apache.org/22ndAnniversay

– The Apache Software Foundation Operations Summary: Q3 FY2021 (November 2020 – January 2021) https://s.apache.org/Q3FY2021 + Video highlights https://youtu.be/S6FWqAuA_8M

– Apache in 2020 – By The Digits https://s.apache.org/Apache2020Digits + Video highlights https://s.apache.org/Apache2020Digits-vid

– ASF Security Report 2020 https://s.apache.org/SecurityReport2020 + Video highlights https://youtu.be/Z7yudar_da0

– ASF FY2020 Annual Report https://s.apache.org/FY2020AnnualReport

– “Trillions and Trillions Served” documentary on the ASF: 1) full feature https://s.apache.org/Trillions-Feature 2) “Apache Everywhere” https://s.apache.org/ApacheEverywhere 3) “Why Apache” https://s.apache.org/ASF-Trillions 4) “Apache Innovation” https://s.apache.org/ApacheInnovation 

 – The Apache Way to Sustainable Open Source Success https://s.apache.org/GhnI

 – Foundation Reports and Statements http://www.apache.org/foundation/reports.html

 – All presentations from ApacheCon@Home are available at https://www.youtube.com/c/TheApacheFoundation/ 

 – “Success at Apache” focuses on the people and processes behind why the ASF “just works”. https://blogs.apache.org/foundation/category/SuccessAtApache