Latest Product Updates and Feature Enhancements on Apache Jackrabbit
Apache Elevates Open Source Projects Gluten And Polaris To Top-Level ...
Apache Software Foundation has elevated two open source projects, Apache Gluten and Apache Polaris, to Top-Level Project status. Apache Gluten enhances SQL and DataFrame workloads in Apache Spark, wh...ile Apache Polaris improves interoperability across data engines using Apache Iceberg's REST API. This graduation signifies project maturity and strengthens big-data performance and interoperability.
The Apache Software Foundation Graduates Two Open Source Projects from Incubator
The Apache Software Foundation has elevated Apache Gluten and Apache Polaris to Top-Level Project status. Apache Gluten enhances Apache Spark's performance by offloading tasks to native engines, whil...e Apache Polaris offers a catalog for Apache Iceberg, enabling multi-engine interoperability. This graduation signifies the maturity and technological advancement of both projects.
Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP ...
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exploited by threat actors to deploy LockBit ransomware across an enterprise network. The flaw allowed remote code ...execution, leading to system encryption via Remote Desktop Protocol. Organizations are urged to patch Apache ActiveMQ immediately to prevent further breaches.
CVE-2020-17530 Apache Struts OGNL Injection
A critical vulnerability (CVE-2020-17530) in Apache Struts, affecting versions 2.0.0 to 2.5.25, allows remote code execution through OGNL injection. Qualys Web Application Scanning can detect this fl...aw, which requires upgrading to Apache Struts 2.5.26 or later for remediation. The vulnerability arises from forced OGNL evaluation, leading to double evaluation of user inputs.
Apache Polaris Graduates to Top-Level Apache Project
Apache Polaris, co-created by Dremio, has graduated to a top-level Apache Project, signifying its maturity and broad adoption as a standard metadata catalog for Apache Iceberg. This open-source proje...ct enhances multi-engine interoperability and offers a vendor-neutral alternative to proprietary solutions like AWS Glue. Dremio continues to contribute actively, integrating Polaris into its cloud platform with enterprise-grade features.
Apache NiFi Vulnerability Enables Authorization Bypass
A vulnerability in Apache NiFi allows unauthorized access, posing a security risk. This flaw could let attackers bypass authorization controls, potentially compromising data integrity and confidentia...lity.
The Apache Software Foundation Announces New Top-Level Project
The Apache Software Foundation announced that Apache HugeGraph has graduated to a Top-Level Project. HugeGraph is a full-stack platform integrating graph database, computing, and AI capabilities, sup...porting massive data storage and real-time querying. It integrates with Apache Flink, Apache Spark, and Apache SeaTunnel, and aims to enhance AI model accuracy and explainability.
Critical Apache Commons Text Vulnerability Enables Remote Code ...
A critical remote code execution vulnerability (CVE-2025-46295) in Apache Commons Text, affecting versions before 1.10.0, allows attackers to exploit unsafe interpolation features. The issue has been... resolved in version 1.14.0. Users are urged to update to mitigate risks, especially in Java-based services.
Announcing Apache Airflow 3.0 support in Amazon Managed Workflows for ...
Amazon Managed Workflows for Apache Airflow now supports Apache Airflow 3.0, enhancing workflow orchestration with a redesigned interface, event-driven scheduling, and a new Task SDK. This update imp...roves security, usability, and efficiency, supporting Python 3.12 and offering advanced features like scheduler-managed backfill.