Language Selection

English French German Italian Portuguese Spanish

Apache: Self Assessment and Security

Filed under
Server
OSS
  • The Apache® Software Foundation Announces Annual Report for 2019 Fiscal Year

    The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2019 fiscal year, which ended 30 April 2019.

  • Open Source at the ASF: A Year in Numbers

    332 active projects, 71 million lines of code changed, 7,000+ committers…

    The Apache Software Foundation has published its annual report for fiscal 2019. The hub of a sprawling, influential open source community, the ASF remains in rude good health, despite challenges this year including the need for “an outsized amount of effort” dealing with trademark infringements, and “some in the tech industry trying to exploit the goodwill earned by the larger Open Source community.”

    [...]

    The ASF names 10 “platinum” sponsors: AWS, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, the Pineapple Fund, Tencent Cloud, and Verizon Media

  • Apache Software Foundation Is Worth $20 Billion

    Yes, Apache is worth $20 billion by its own valuation of the software it offers for free. But what price can you realistically put on open source code?

    If you only know the name Apache in connection with the web server then you are missing out on some interesting software. The Apache Software Foundation ASF, grew out of the Apache HTTP Server project in 1999 with the aim of furthering open source software. It provides a licence, the Apache licence, a decentralized governance and requires projects to be licensed to the ASF so that it can protect the intellectual property rights.

  • Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe

    Researchers have pinpointed errors in two dozen Apache Struts security advisories, which warn users of vulnerabilities in the popular open-source web app development framework. They say that the security advisories listed incorrect versions impacted by the vulnerabilities.

    The concern from this research is that security administrators in companies using the actual impacted versions would incorrectly think that their versions weren’t affected – and would thus refrain from applying patches, said researchers with Synopsys who made the discovery, Thursday.

    “The real question here from this research is whether there remain unpatched versions of the newly disclosed versions in production scenarios,” Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys, told Threatpost. “In all cases, the Struts community had already issued patches for the vulnerabilities so the patches exist, it’s just a question of applying them.”

More in Tux Machines

OpenSSH, Squid, PostgreSQL Update in Tumbleweed

Three openSUSE Tumbleweed snapshots released this week have brought updates for text editors, browsers, emails clients, database management systems and many other pieces of software. Mozilla Firefox, Thunderbird, nano, and PostgreSQL were all in the latest 20211012 snapshot. A new major version of Firefox 93.0 added support for the optimised image format AVIF, which offers a significant file size reduction as opposed to other image formats. The browser also improved web compatibility for privacy protections and fixed more than a handful of Common Vulnerabilities and Exposures. Thunderbird 91.2.0 addressed many of the same CVEs, fixed some issues with the calendar and fixed the new mail notifications that did not properly take subfolders into account. The 5.9 version of text editor nano added syntax highlighting for YAML files and fetchmail 6.4.22 added a few patches, addressed a CVE related to an IMAP connections and now highlights being compatible with OpenSSL 1.1.1 and 3.0.0. The new major version of postgresql 14 provided improvements for heavy workloads, enhanced distributed workloads and added a couple more predefined roles like pg_read_all_data, pg_write_all_data and pg_database_owner. Other packages to update in the snapshot were GNOME’s document viewer evince 41.2, Flatpak 1.12.1, graphics library gegl 0.4.32, glusterfs 9.3 and many RubyGems and YaST package updates. Read more Also: openSUSE Tumbleweed – Review of the weeks 2021/40 & 41

Games: Dystopian Army Builder, Hellraid DLC, and More

  • Uh oh, looks like Despot's Game: Dystopian Army Builder is going to suck all my time away | GamingOnLinux

    Despot's Game: Dystopian Army Builder is a brand new release from Konfa Games and tinybuild that sees you command a bunch of naked people and send them through a strange post-apocalyptic labyrinth. Note: personal purchase. Like it Loop Hero, you have no direct control during combat you just watch it play out and hope for the best. Here though you're running through some kind of maze-like dungeon full of strange machines, with multiple people you need to look after. They'll likely die a lot though, don't get too attached, you can buy more naked people. Eventually you might come across the nefarious d’Spot who runs the show and perhaps destroy them to earn your freedom. It blends together quite a few different genres and it feels totally unique. The structure is a bit like The Binding of Isaac with you going from room to room, it's also a strategy game with you buying people and equipping them with various weapons you buy from shops spread throughout the maze and then there's the fusion of auto battling so you can sit back and watch the mess unfold.

  • Techland continue expanding the Hellraid DLC as they try to improve reviews | GamingOnLinux

    When Techland released the Hellraid DLC in August 2020 inspired by their unreleased dark fantasy slasher Hellraid the reviews were not kind, as it was very basic but they've kept at it and another big update is out now.

  • Brawlhalla to get Easy Anti-Cheat, dev puts up Beta with EAC working on Linux with Proton | GamingOnLinux

    Blue Mammoth Games announced that later in October that the platform-fighter Brawlhalla will be getting Easy Anti-Cheat. Thankfully, they've put up a Beta for Linux users playing it on Steam Play Proton and it works.

  • Apple is now funding Blender development joining many big names | GamingOnLinux

    There's apparently absolutely no stopping the Blender train, with the developer announcing that Apple has now joined their development fund.

  • Valve banning games that allow exchanging cryptocurrencies or NFTs | GamingOnLinux

    It seems Valve aren't a big fan of cryptocurrencies or NFTs as they've updated their onboarding guide with a new point about disallowing games that allow you to exchange them. Under the Rules and Guidelines heading where it mentions "What you shouldn’t publish on Steam" there's a new line that states "Applications built on blockchain technology that issue or allow exchange of cryptocurrencies or NFTs".

  • Check out this crowdfunding campaign to learn Godot Engine from GDQuest | GamingOnLinux

    GDQuest, a well-known name in the free and open source Godot Engine land has launched a new crowdfunding campaign aiming to get you to go from zero to hero with Godot programming. A course aimed at anyone and everyone who fancies getting into making games with Godot. The founder of GDQuest, Nathan Lovato, emailed in a little info about it: " Learn to Code From Zero is a course for everyone who wants to learn development. With it, you will learn programming from the very basics to creating a complete video game inspired by the hectic action game Enter the Gungeon. Game development courses typically consist of hours of step-by-step tutorials. They feel nice while you follow along, but as soon as you're left alone, working on your game, you get stuck.

LibreOffice Leftovers

  • Michael Meeks/2021-10-15 Friday

    After Italo's keynote announcement of the new LibreOffice Technology marketing plan at the LibreOffice conference, we lost no time integrating this great way to fairly present the goodness of LibreOffice that we depend on to build Collabora Online & Collabora Office mobile into the product. With new links that can take you to our LibreOffice Technology page where we can celebrate the community & credit all the hard work done under the hood here, and of course the logo. Still a work-in-progress, and will start to appear in our products over the next weeks as/when we refresh them, but so far it looks like this for desktop & mobile [...] up-coming COOL About dialog up-coming COOL About dialog Thanks to Italo & Mike at TDF for developing the concept, and also to Pedro & Elisa, for their work on the code & logos - we'll be iterating it with them over the next days & weeks.

  • Let's do awesome things! Get support for your projects and ideas from our budget - The Document Foundation Blog

    Want to organise a local (or online) LibreOffice event? Need some merchandise to boost your project or community? Then we can help you! The Document Foundation, the non-profit behind LibreOffice, is backed by contributions from ecosystem members and volunteers, as well as donations from end-users. This helps us to maintain TDF, but we can do a lot more too. And next year, we want to do a lot of projects again!

  • Next batch of videos from the LibreOffice Conference 2021 - The Document Foundation Blog

    Here are some more videos from the LibreOffice Conference 2021! Check out the playlist, using the button in the top-right – or scroll down for links to individual videos...

  • Automated bibisect to find source of a bug - LibreOffice Development Blog

    In programming, we usually face bugs that we should fix to maintain or improve our software. In order to fix a bug, first we should find the source of the problem, and there are tools like “Automated bibisect” are available to help, specially when the bug is a regression.

Xubuntu 21.10 released!

The Xubuntu team is happy to announce the immediate release of Xubuntu 21.10. Xubuntu 21.10, codenamed Impish Indri, is a regular release and will be supported for 9 months, until June 2022. If you need a stable environment with longer support time we recommend that you use Xubuntu 20.04 LTS instead. The final release images are available as torrents and direct downloads from xubuntu.org/download/. As the main server might be busy in the first few days after the release, we recommend using the torrents if possible. Xubuntu Core, our minimal ISO edition, is available to download from unit193.net/xubuntu/core/ [torrent]. Find out more about Xubuntu Core here. Read more