Language Selection

English French German Italian Portuguese Spanish

Apache: Self Assessment and Security

Filed under
Server
OSS
  • The Apache® Software Foundation Announces Annual Report for 2019 Fiscal Year

    The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2019 fiscal year, which ended 30 April 2019.

  • Open Source at the ASF: A Year in Numbers

    332 active projects, 71 million lines of code changed, 7,000+ committers…

    The Apache Software Foundation has published its annual report for fiscal 2019. The hub of a sprawling, influential open source community, the ASF remains in rude good health, despite challenges this year including the need for “an outsized amount of effort” dealing with trademark infringements, and “some in the tech industry trying to exploit the goodwill earned by the larger Open Source community.”

    [...]

    The ASF names 10 “platinum” sponsors: AWS, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, the Pineapple Fund, Tencent Cloud, and Verizon Media

  • Apache Software Foundation Is Worth $20 Billion

    Yes, Apache is worth $20 billion by its own valuation of the software it offers for free. But what price can you realistically put on open source code?

    If you only know the name Apache in connection with the web server then you are missing out on some interesting software. The Apache Software Foundation ASF, grew out of the Apache HTTP Server project in 1999 with the aim of furthering open source software. It provides a licence, the Apache licence, a decentralized governance and requires projects to be licensed to the ASF so that it can protect the intellectual property rights.

  • Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe

    Researchers have pinpointed errors in two dozen Apache Struts security advisories, which warn users of vulnerabilities in the popular open-source web app development framework. They say that the security advisories listed incorrect versions impacted by the vulnerabilities.

    The concern from this research is that security administrators in companies using the actual impacted versions would incorrectly think that their versions weren’t affected – and would thus refrain from applying patches, said researchers with Synopsys who made the discovery, Thursday.

    “The real question here from this research is whether there remain unpatched versions of the newly disclosed versions in production scenarios,” Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys, told Threatpost. “In all cases, the Struts community had already issued patches for the vulnerabilities so the patches exist, it’s just a question of applying them.”

More in Tux Machines

SMARC carrier board and design service supports six modules

MSC announced a compact SimpleFlex carrier board and custom manufacturing service that supports six MSC SMARC 2.0 modules with i.MX8, i.MX8M. i.MX8M Mini. i.MX6, Intel Apollo Lake, and Xilinx Zynq UltraScale+. In 2016, Avnet-owned MSC Technologies announced a 148 x 102mm carrier board form-factor and manufacturing service called SimpleFlex with an initial MSC Q7-MB-EP5 product designed for its Qseven modules. Now, it has announced a smaller, 146 x 80mm MSC SM2S-MB-EP5 version for MSC SMARC 2.0 “short” modules. The new board adds a USB Type-C port with DisplayPort along with an M.2 M-key slot for storage. Read more

today's leftovers

  • FAI 5.8.7 and new ISO images using Debian 10

    The new FAI release 5.8.7 now supports apt keys in files called package_config/CLASS.gpg. Before we only supported .asc files. fai-mirror has a new option -V, which checks if variables are used in package_config/ and uses variable definitions from class/.var.

  • Video recap: LibreOffice Conference 2019 in Almeria, Spain

    Here’s a quick recap of the LibreOffice Conference 2019 that took place last week in Almeria, Spain! Over the next couple of weeks, we’ll also upload videos from the individual presentations…

German ministry hellbent on taking back control of 'digital sovereignty', cutting dependency on Microsoft

The Federal Ministry of the Interior (Bundesministerium des Innern or BMI) in Germany says it will reduce reliance on specific IT suppliers, especially Microsoft, in order to strengthen its "digital sovereignty". In an official statement, the Federal Minister of the Interior Horst Seehofer states that “in order to ensure our digital sovereignty, we want to reduce dependencies on individual IT providers. We are also considering alternative programs to replace certain software. This will be done in close coordination with other EU countries.” BMI commissioned a strategic market analysis from consultants PwC, resulting in a paper that was published last month. The paper examines the risks inherent in IT dependency on commercial software vendors, with a particular focus on Microsoft because of the heavy use of its products and the way they are interconnected, especially Microsoft Office, Windows, Windows Server and Office 365. Read more

Android Leftovers