Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Java

Apache Harmony Moves To Apache Attic 120

Posted by Soulskill
from the giving-up-the-ghost dept.
think_nix writes "After the resignation of Apache from the Java SE/EE Executive Committee, the time has now come for Harmony to be added to the Apache Attic. Harmony was 'the project to produce an open source cleanroom implementation of Java.' An open vote was taken within the Project Management Committee, which resulted in a 20-2 majority to discontinue development."
Security

Apache Fixes Range Header Flaw, Again 21

Posted by samzenpus
from the got-it-this-time dept.
Trailrunner7 writes "Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw. Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20. The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability."
Cloud

NSA Makes Contribution To Apache Hadoop Project 102

Posted by samzenpus
from the need-a-hand? dept.
An anonymous reader writes "The National Security Agency has submitted a new database, Accumulo, to the Apache Foundation for incubation. Accumulo is based on the original BigTable paper with some extensions such as the ability to provide cell-level security. It appears there are some hurdles that must be cleared concerning copyright before the project could be accepted."
Security

"Apache Killer" Web Server Hole Plugged 48

Posted by samzenpus
from the shields-up dept.
CWmike writes "The Apache open-source project has patched its Web server software to quash a bug that a denial-of-service (DoS) tool has been exploiting. Apache 2.2.20, released Tuesday, plugs the hole used by an 'Apache Killer' attack tool. On Aug. 24, project developers had promised a fix within 48 hours, then revised the timetable two days later to 24 hours. The security advisory did not explain the delay."
Bug

Fix For Apache DoS Bug In the Pipes 49

Posted by timothy
from the gurgling-through dept.
Trailrunner7 writes with the report that "The Apache Software Foundation plans to have a fix available in the next day or so [Note: that means today, now. --Ed.] for the denial-of-service problem in Apache that was publicized late last week. The bug, which in some forms has been under discussion for more than four years, involves the way that the Web server handles certain overlapping range headers. The vulnerability is a denial-of-service bug, but it is considered serious because a remote attacker can essentially take a targeted server offline with little effort and resources. The Apache Software Foundation, which maintains the popular open-source Web server, updated its advisory on the vulnerability, saying that it expects to have a full fix available for the vulnerability within the next 24 hours."
Security

Apache Warns Web Server Admins of DoS Attack Tool 82

Posted by samzenpus
from the protect-ya-neck dept.
CWmike writes "Developers of the Apache open-source project warned users of the Web server software on Wednesday that a denial-of-service (DoS) tool is circulating that exploits a bug in the program. 'Apache Killer' showed up last Friday in a post to the 'Full Disclosure' security mailing list. The Apache project said it would release a fix for Apache 2.0 and 2.2 in the next 48 hours. All versions in the 1.3 and 2.0 lines are said to be vulnerable to attack. The group no longer supports the older Apache 1.3. 'The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server,' Apache said in an advisory. The bug is not new. Michal Zalewski, a security engineer who works for Google, pointed out that he had brought up the DoS exploitability of Apache more than four-and-a-half years ago. In lieu of a fix, Apache offered steps administrators can take to defend their Web servers until a patch is available."
Java

Oracle's Java Policies Are Destroying the Community 314

Posted by Unknown Lamer
from the shares-in-haskell-inc-up-ten-points dept.
snydeq writes "Neil McAllister sees Oracle's buggy Java SE 7 release as only the latest misstep in a mounting litany of bad behavior. 'Who was the first to alert the Java community? The Apache Foundation. Oh, the irony. This is the same Apache Foundation that resigned from the Java Community Process executive committee in protest after Oracle repeatedly refused to give it access to the Java Technology Compatibility Kit,' McAllister writes. 'It seems as if Oracle would like nothing better than to stomp Apache and its open source Java efforts clean out of existence.'"
Java

Java 7 Ships With Severe Bug 180

Posted by Soulskill
from the meeting-expectations dept.
Lisandro writes "Lucid Imagination just posted an announcement about a severe bug in the recently released Java 7. Apparently some loops are mis-compiled due to errors in the HotSpot compiler optimizations, which causes programs to fail. This bug affects several Apache projects directly — Apache Lucene Core and Apache Solr have already raised a warning, noting that the bug might be present in Java 6 as well."
Open Source

IBM Donates Symphony Code To Apache Software Foundation 131

Posted by timothy
from the don't-say-bequeath-until-you-die-please dept.
CWmike writes "Hoping to further sharpen OpenOffice's competitive viability against Microsoft Office, IBM is donating the code of its Symphony open source office suite to the nonprofit Apache Software Foundation. Apache could fold this code into its own open source office suite OpenOffice, on which Symphony was based. In June, Oracle donated the OpenOffice suite to Apache. 'Prior to Apache's entry, there really hasn't been enough innovation in this area over the past 10 years,' said Kevin Cavanaugh, an IBM vice president. 'It's been constrained because we haven't had a true open source community with a mature governance model.'"
Open Source

The Future of OpenOffice.org 66

Posted by Soulskill
from the reply-hazy-ask-again dept.
snydeq writes "Oracle's decision to spin OpenOffice.org into an Apache incubation podling raises several questions regarding the future of the code, not the least of which is how it will co-exist with LibreOffice. Also of note are the business implications of Oracle's decision, which some see opening up commercial opportunities for OpenOffice.org support, as well as a likely push from Google and IBM to woo current OpenOffice.org customers to Google Docs and Lotus Symphony."
Open Source

Oracle To Give OpenOffice.org To Apache Incubator 129

Posted by samzenpus
from the final-destination dept.
Julie188 writes "Oracle has finally officially spilled the beans: It's proposing OpenOffice.org as an Apache Incubator project — and not handing it to The Document Foundation. Oracle had announced earlier this year that it would be passing the torch to the community, but failed to provide any specifics about the ultimate destination. The Document Foundation is the organization behind the OpenOffice fork, LibreOffice."
Android

Oracle Subpoenas Apache Foundation In Google Suit 98

Posted by CmdrTaco
from the battle-of-the-paperwork dept.
angry tapir writes "Oracle has subpoenaed the Apache Software Foundation in connection with its ongoing intellectual property suit against Google. Oracle filed suit against Google in August, alleging that its Android mobile operating system infringes on seven of Oracle's Java patents. Google has denied any wrongdoing. The subpoena, which was received by ASF on Monday, seeks 'the production of documents related to the use of Apache Harmony code in the Android software platform, and the unsuccessful attempt by Apache to secure an acceptable license to the Java SE Technology Compatibility Kit.'"
Google

Does Google Pin Copyright Violations On the ASF? 136

Posted by Soulskill
from the plot-thickens dept.
An anonymous reader writes "Florian Mueller claims to have produced new evidence that he believes supports Oracle's case against Google on the copyright side of the lawsuit. Oracle originally presented one example to the court, and that file was found to have been part of older Android distributions, with an Apache license header. Mueller has just published six more files of that kind and believes the Apache Software Foundation will disown those just like the first one because those were never part of the Apache Harmony code base. Furthermore, various source files from the Sun Java Wireless Toolkit were found in the Android codebase, containing a total of 38 copyright notices that mark them as proprietary and confidential, but Google apparently published their source code regardless."
Databases

Cassandra 0.7 Can Pack 2 Billion Columns Into a Row 235

Posted by timothy
from the but-only-if-they're-really-thin dept.
angry tapir writes "The cadre of volunteer developers behind the Cassandra distributed database have released the latest version of their open source software, able to hold up to 2 billion columns per row. The newly installed Large Row Support feature of Cassandra version 0.7 allows the database to hold up to 2 billion columns per row. Previous versions had no set upper limit, though the maximum amount of material that could be held in a single row was approximately 2GB. This upper limit has been eliminated."

The IQ of the group is the lowest IQ of a member of the group divided by the number of people in the group.

Working...