Apache CloudStack security releases 4.18.1.1 and 4.19.0.1 address the CVEs listed below. Affected users are recommended to upgrade their CloudStack installations.
76 posts tagged with "announcement"
Apache CloudStack CloudMonkey 6.4.0 Release
Apache CloudStack 4.19.0.0 Release
The Apache Software Foundation and the Apache CloudStack Project Announce Apache® CloudStack® v4.19.
Apache CloudStack 4.19 is the most recent release of the cloud management platform. It comes as a product of extensive contributions from the development community and is an LTS release, guaranteeing ongoing maintenance and support for a period of 18 months.
Apache CloudStack 4.18.1.0 Release
Apache CloudStack CloudMonkey 6.3.0 Release
Apache CloudStack 4.18.0.0 LTS Release
Apache CloudStack LTS Maintenance Release 4.17.2.0
The Apache CloudStack project is pleased to announce the release of CloudStack 4.17.2.0.
The CloudStack 4.17.2.0 release is a maintenance release as part of its 4.17.x LTS branch and contains more than 20 fixes since the CloudStack 4.17.1.0 release.
CloudStack Collaboration Conference 2022 - November 14-16
The global Apache CloudStack community is hosting its major annual event - CloudStack Collaboration Conference, running from November 14th to November 16th 2022. The conference will be taking place in Sofia, Bulgaria. However, the conference is hybrid, allowing speakers and attendees to join virtually.
Apache CloudStack LTS Maintenance Release 4.17.1.0
[ADVISORY] Apache CloudStack SAML Single Sign-On XXE (CVE-2022-35741)
Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by default, and the attacker would require that this plugin be enabled to exploit the vulnerability. When the SAML 2.0 plugin is enabled in affected versions of Apache CloudStack, it could potentially allow the exploitation of XXE vulnerabilities. The SAML 2.0 messages constructed during the authentication flow in Apache CloudStack are XML-based, and the XML data is parsed by various standard libraries that are now understood to be vulnerable to XXE injection attacks such as arbitrary file reading, possible denial of service, and server-side request forgery (SSRF) on the CloudStack management server.





