OpenUpdate - July 22, 2021

Stay Informed

This week, read about:

Google Details iOS, Chrome, IE Zero-Day Flaws Exploited Recently in the Wild.
The End of Open Source?
Square is Building a New Open-Source Platform for Bitcoin, and It's Calling it 'TBD'.

Key Security, Maintenance, and Features Releases

Security Updates

Apache Ant 1.9.16 and 1.10.11
When reading a specially crafted archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant.
It affects reading (or updating) tar archives as well as archives using the zip format or formats derived from it. Commonly used derived formats from ZIP archives are for instance JAR files and many office files.
This was fixed in revision 6594a2d.
These issues are similar to CVE-2021-35517 and CVE-2021-36090 present in Apache Commons Compress which has been detected by OSS Fuzz.
Affects: up to 1.9.15 / 1.10.10. Versions prior to 1.4 are not affected, versions prior to 1.9.0 are not affected when reading tar archives.

Non-Security Updates

Apache Camel K 1.5.0
chore: Remove Camel Sources support from Knative trait #2460 (astefanutti)
chore: Update embedded camel-catalog-1.8.0-SNAPSHOT.yaml #2459 (astefanutti)
chore: Remove unsupported probe-path property from container trait #2458 (astefanutti)
fix: Filter influencing traits to lookup matching kits #2457 (astefanutti)

Firefox 90
On Windows, updates can now be applied in the background while Firefox is not running.
Firefox for Windows now offers a new page about:third-party to help identify compatibility issues caused by third-party applications
Exceptions to HTTPS-Only mode can be managed in about:preferences#privacy
Print to PDF now produces working hyperlinks

Hibernate ORM 5.3.21
HHH-14616 Optimistic Lock throws org.hibernate.exception.SQLGrammarException: could not retrieve version
HHH-14608 Merge causes StackOverflow when JPA proxy compliance is enabled
HHH-14537 EntityNotFoundException thrown when non-existing association with @NotFound(IGNORE) mapped has proxy in PersistenceContext
HHH-14247 Automatic release scripts, wrong Jira release url

Jenkins 2.302
Optimize access control checks affecting (at least) Pipeline node steps. (pull 5586)
Developer: The hudson.util.SubClassGenerator and experimental hudson.model.TreeView class have been removed without replacement. (pull 5566, pull 5603)

Kubernetes 1.21.2
Fix scoring for NodeResourcesMostAllocated and NodeResourcesBalancedAllocation plugins when nodes have containers with no requests. This was leaving to under-utilization of small nodes. (#102925, @alculquicondor) [SIG Scheduling]
ServiceOwnsFrontendIP shouldn't report error when the public IP doesn't match (#102516, @nilo19) [SIG Cloud Provider]
Switch scheduler to generate the merge patch on pod status instead of the full pod (#103133, @marwanad) [SIG Scheduling]
VSphere: Fix regression during attach disk if datastore is within a storage folder or datastore cluster. (#102969, @gnufied) [SIG Cloud Provider]

Spring Framework 5.3.9
Configure CommonsMultipartResolver to support specific HTTP methods #27161
Allow BeanDefinitionBuilder to set an instance supplier with a ResolvableType #27160
Reason of @ResponseStatus on handler method is not resolved by MessageSource #27156
ResourceHandlerRegistry#getHandlerMapping should initialize handler once in outer loop #27153

Squid Web Cache 4.16
- Regression Fix: --with-valgrind-debug build broken since 4.15
- Bug 5129 pt1: remove Lock use from HttpRequestMethod
- Bug 5128: Translation: Fix '% i' typo in es/ERR_FORWARDING_DENIED
- Bug 4528: ICAP transactions quit on async DNS lookups

Guide to Open Source Relational Databases

Choosing a database is a big decision for any enterprise, and one that can have lasting repercussions. In this blog, we look at open source relational database management systems (open source RDBMS), and the factors that organizations should consider before choosing a RDBMS.

OpenUpdate - July 15, 2021

Stay Informed

This week, read about:

Hackers Use New Trick to Disable Macro Security Warnings in Malicious Office Files.
DARPA Makes Hardware Bug Bounty Platform Open Source.
Open-Source Software Needs a Security Incentive Program.

Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Camel 3.7.5
CAMEL-16718
Conflict with Netty TCP + Resilience4J circuit breaker
CAMEL-16707
camel-rabbitmq connection leak on error during 'declare'
CAMEL-16699
HttpProducer skip request headers for query params on bridge endpoint broken for common types
CAMEL-16681
LazyStartProducer can result in NullPointerException in a multithreaded context

Apache Tomcat 8.5.69
Code: Refactor the RemoteIpValve to use the common utility method for list to comma separated string conversion. (markt)
Fix: Fix serialization warnings in UserDatabasePrincipal reported by SpotBugs. (markt)
Fix: 65397: Calls to ServletContext.getResourcePaths() no longer include symbolic links in the results unless allowLinking has been set to true. If a resource is skipped because of this change, a warning will be logged as this typically indicates a configuration issue. (markt)

Docker 3.5.2
compose run and compose exec commands use separate streams for stdout and stderr. See docker/compose-cli#1873.
compose run and compose exec commands support detach keys. Fixes docker/compose-cli#1709.
Fixed --force and --volumes flags on compose rm command. See docker/compose-cli#1844.
Fixed network’s IPAM configuration. Service can define a fixed IP. Fixes for docker/compose-cli#1678 and docker/compose-cli#1816

The New Stack: Cassandra, Kafka, and Spark

This new white paper shows how this open source stack for streaming data is transforming sales, supply chain management, and overall business outcomes.

OpenUpdate - July 8, 2021

Stay Informed

This week, read about:

Microsoft Urges Azure Users to Update PowerShell to Patch RCE Flaw.
XiangShan Open-Source 64-bit RISC-V Processor to Rival Arm Cortex-A76.
5 Open Source Cloud Monitoring Tools to Consider.

Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Tomcat 9.0.50 and 10.0.8
10.0.8
Code: Refactor the RemoteIpValve to use the common utility method for list to comma separated string conversion. (markt)
Code: Refactor JNDIRealm$JNDIConnection so its fields are accessible to sub-classes of JNDIRealm. (markt)
Fix: Fix serialization warnings in UserDatabasePrincipal reported by SpotBugs. (markt)
Fix: 65397: Calls to ServletContext.getResourcePaths() no longer include symbolic links in the results unless allowLinking has been set to true. If a resource is skipped because of this change, a warning will be logged as this typically indicates a configuration issue. (markt)
9.0.50
Fix: Jakarta to Javax backport issue in tests. (remm)

PHP 7.4.21, 7.3.29 and 8.0.8
7.4.21
Fixed bug #81068 (Double free in realpath_cache_clean()).
Fixed bug #76359 (open_basedir bypass through adding "..").
Fixed bug #81090 (Typed property performance degradation with .= operator).
Fixed bug #81070 (Integer underflow in memory limit comparison).
7.3.29
Fixed bug #76448: Stack buffer overflow in firebird_info_cb. (CVE-2021-21704)
Fixed bug #76449: SIGSEGV in firebird_handle_doer. (CVE-2021-21704)
Fixed bug #76450: SIGSEGV in firebird_stmt_execute. (CVE-2021-21704)
Fixed bug #76452: Crash while parsing blob data in firebird_fetch_blob. (CVE-2021-21704)
8.0.8
Fixed bug #81076 (incorrect debug info on Closures with implicit binds).
Fixed bug #81068 (Double free in realpath_cache_clean()).
Fixed bug #76359 (open_basedir bypass through adding "..").
Fixed bug #81090 (Typed property performance degradation with .= operator).

The New Stack: Cassandra, Kafka, and Spark

This new white paper shows how this open source stack for streaming data is transforming sales, supply chain management, and overall business outcomes.

OpenUpdate - July 1, 2021

Stay Informed

This week, read about:

Wormable DarkRadiation Ransomware Targets Linux and Docker Instances.
Open Source Constants | InfoWorld.
Google Extends Open Source Vulnerabilities Database to Python, Rust, Go, and DWF.

Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Camel 3.11.0
CAMEL-16741
camel-yaml-dsl - Yaml schema validation error for rest endpoints
CAMEL-16734
Recipient list does not wait for processing an exchange by recipients and ignores aggregation strategy when route is transacted.
CAMEL-16722
camel-mock - In predicate should be one predicate
CAMEL-16718
Conflict with Netty TCP + Resilience4J circuit breaker

Firefox 89.0.2
Fix occasional hangs with Software WebRender on Linux (bug 1708224)

Hibernate ORM 5.5.3
HHH-14654 geolatte-geom Geometry types no longer works with geography column types
HHH-14597 Regression bug: could not resolve property: null of:
HHH-13788 Schema update try to recreate existing tables
HHH-4808 SessionImpl.initializeCollection() does not release JDBC connection (if outside of a transaction)

Jenkins 2.299
Update stapler from 1539.v2f05ce93882d to 1563.v3da2d02f9572. (pull 5549, Stapler 1539.v2f05ce93882d changelog, Stapler 1563.v3da2d02f9572 changelog)
Developer: InterceptingExecutorService and its subclasses no longer extend com.google.common.util.concurrent.ForwardingExecutorService or com.google.common.collect.ForwardingObject. (pull 5565)
Remove jna-posix dependency from Jenkins core. Plugins that use jna-posix functionality must be migrated from jna-posix to jnr-posix. (pull 5560, Maven Repository Scheduled Cleanup plugin, SICCI for Xcode plugin, java.io.tmpdir cleaner plugin)

PostgreSQL JDBC Driver 42.2.22
Regression caused by https://github.com/pgjdbc/pgjdbc/commit/4fa2d5bc1ed8c0086a3a197fc1c28f7173d53cac. Unfortunately due to the blocking nature of the driver and issues with seeing if there is a byte available on a blocking stream when it is encrypted this introduces unacceptable delays in returning from peek(). At this time there is no simple solution to this.

Wildfly 24.0.0.Final
[WFLY-13625] - Security Realms should support specifying the charset and encoding for credentials.
[WFLY-13916] - Elytron server-ssl-context allowed protocols
[WFLY-14007] - Certificate Revocation Lists
[WFLY-14563] - As a developer, I can use a quickstart to showcase WildFly connecting to a DB on OpenShift

Docker 3.5.1
Dev Environments Preview: Dev Environments enable you to seamlessly collaborate with your team members without moving between Git branches to get your code onto your team members’ machines. When using Dev Environments, you can share your in-progress work with your team members in just one click, and without having to deal with any merge conflicts. For more information and for instructions on how to use Dev Environments, see Development Environments Preview.
Compose V2 beta: Docker Desktop now includes the beta version of Compose V2, which supports the docker compose command as part of the Docker CLI. For more information, see Compose V2 beta. While docker-compose is still supported and maintained, Compose V2 implementation relies directly on the compose-go bindings which are maintained as part of the specification. The compose command in the Docker CLI supports most of the docker-compose commands and flags. It is expected to be a drop-in replacement for docker-compose. There are a few remaining flags that have yet to be implemented, see the docker-compose compatibility list for more information about the flags that are supported in the new compose command. If you run into any problems with Compose V2, you can easily switch back to Compose v1 by either by making changes in Docker Desktop Experimental Settings, or by running the command docker-compose disable-v2. Let us know your feedback on the new ‘compose’ command by creating an issue in the Compose-CLI GitHub repository.

JBPM 7.56.0.Final
[JBPM-9714] - Include sort column to queries processes by variables and tasks API
[JBPM-9735] - Improve jbpm Engine Message 1:1 (Adding correlation keys and collaboration compliant spec subscription) / engine
[JBPM-9777] - Enrich information of jbpmHumanTasksWithAdmin default query
[JBPM-9780] - Accept all possible properties for Kafka Consumer/Producer

SQLite 3.36.0
Improvement to the EXPLAIN QUERY PLAN output to make it easier to understand.
Byte-order marks at the start of a token are skipped as if they were whitespace.
An error is raised on any attempt to access the rowid of a VIEW or subquery. Formerly, the rowid of a VIEW would be indeterminate and often would be NULL. The -DSQLITE_ALLOW_ROWID_IN_VIEW compile-time option is available to restore the legacy behavior for applications that need it.
The sqlite3_deserialize() and sqlite3_serialize() interfaces are now enabled by default. The -DSQLITE_ENABLE_DESERIALIZE compile-time option is no longer required. Instead, there is is a new -DSQLITE_OMIT_DESERIALIZE compile-time option to omit those interfaces.

ICYMI: OpenLogic Adds Support Offerings for Rocky Linux and AlmaLinux

Last week, OpenLogic announced SLA-backed support for both Rocky Linux and AlmaLinux distributions.

OpenUpdate - June 24, 2021

Stay Informed

This week, read about:

AlmaLinux vs Rocky Linux.
Russia Bans VyprVPN, Opera VPN Services for Not Complying with Blacklist Request.
DroneAnalyst: The Rise of Open Source Drones.

Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Camel 3.4.6
CAMEL-16622
Validator component fails with java.lang.IllegalArgumentException: protocol = https host = null
CAMEL-16393
camel-jsonpath - results from $.concat(...) seems to be cached on following calls
CAMEL-16152
XML DSL tokenize with token in simple language and group does not set the delimiter correctly
CAMEL-15928
TimeoutException does not trigger Resilience4j circuit breaker

Apache Tomcat 9.0.48, 10.0.7 and 8.5.68
9.0.48
Fix: Regression when generating reflection due to removed NIO classes in 9.0.47. (remm)
Add: Use JSign to integrate the build script with the code signing service to enable release builds to be created on Linux as well as Windows. (markt)
10.0.7
Fix: 65301: RemoteIpValve will now avoid getting the local host name when it is not needed. (remm)
Fix: 65308: NPE in JNDIRealm when no userRoleAttribute is given. (fschumacher)
Add: #412: Add commented out, sample users for the Tomcat Manager app to the default tomcat-users.xml file. Based on a PR by Arnaud Dagnelies. (markt)
Add: #418: Add a new option, pass-through, to the default servlet's useBomIfPresent initialization parameter that causes the default servlet to leave any BOM in place when processing a static file and not to use the BOM to determine the encoding of the file. Based on a pull request by Jean-Louis Monteiro. (markt)
8.5.68
Update: Update to the Java 7 compatible build of JSign 3.1 to pick up a fix for SHA-512 signatures. (markt)

Apache TomEE 8.0.6
No release notes available.

CentOS 8 (2105)
We are pleased to announce the general availability of the latest version of CentOS Linux 8. Effectively immediately, this is the current release for CentOS Linux 8 and is tagged as 2105, derived from Red Hat Enterprise Linux 8.4 Source Code.
As always, read through the Release Notes at: http://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.2105 - these notes contain important information about the release and details about some of the content inside the release from the CentOS QA team. These notes are updated constantly to include issues and incorporate feedback from users.

Hibernate ORM 5.5.2.Final
It seems there are popular answers on StackOverflow which suggest to disable loading of Database metadata during bootstrap of Hibernate ORM, so to have it boot faster.
In these forums an internal flag is being suggested which was meant to be used exclusively for tooling, and which we would not suggest you use for your regular application as some metadata we fetch from the database can have strong impact on internal strategies and workarounds, so making your favourite ORM smarter, more efficient, and sometimes even able to workaround bugs in specific DB versions. In some cases, disabling this metadata can also lead to tricky to diagnose bugs.
But some users reported very slow boot times, mostly in relation with very large databases, and to workaround this really prefer to skip this phase. This was not expected so we investigated more. We could remove some operations which are currently unnecessary, and automatically skip some others depending on actual need.
The end result is that it will now boot even faster, much faster if you had such issues, and without needing to set any flag or have to make tradeoffs with important safety features.

Kubernetes 1.21.2
Added jitter factor to lease controller that better smears load on kube-apiserver over time. (#101652, @marseel) [SIG API Machinery and Scalability]
Avoid caching the Azure VMSS instances whose network profile is nil (#100948, @feiskyer) [SIG Cloud Provider]
Azure: avoid setting cached Sku when updating VMSS and VMSS instances (#102005, @feiskyer) [SIG Cloud Provider]
Fix a bug on the endpoint slices mirroring controller where endpoint NotReadyAddresses were mirrored as Ready to the corresponding EndpointSlice (#102683, @aojea) [SIG Apps and Network]

ISC Bind DNS 9.16.18
When preparing DNS responses, named could replace the letters W (uppercase) and w (lowercase) with \000. This has been fixed. [GL #2779]
The configuration-checking code failed to account for the inheritance rules of the key-directory option. As a side effect of this flaw, the code detecting key-directory conflicts for zones using KASP incorrectly reported unique key directories as being reused. This has been fixed. [GL #2778]

OpenLogic Announces Support Offerings for Rocky Linux and AlmaLinux

Fresh off the inaugural Rocky Linux GA release, OpenLogic has announced SLA-backed support for both Rocky Linux and AlmaLinux distributions.

Learn More

OpenUpdate - June 17, 2021

Stay Informed

This week, read about:

7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access.
Hard Work and Poor Pay Stresses Out Open-Source Maintainers.
Open Source is a Community, Not a Brand.

Key Security, Maintenance, and Features Releases

Non-Security Updates

Docker 3.4.0
Prevent docker run from hanging if inotify event injection fails. Fixes docker/for-mac#5590.
Fixed error showing stderr log in the UI. Fixes docker/for-mac#5688.
Fixed an issue which caused riscv64 emulation to fail on Docker Desktop. Fixes docker/for-mac#5699.
Automatically reclaim space after deleting containers by deleting volumes and removing build cache.
https://docs.docker.com/docker-for-windows/release-notes/

jBoss Drools 7.55.0.Final
[DROOLS-4863] - Popup message about Doughnut at Coverage Report panel of Test Scenario Editor places behind the ridge of the screen in default page scale
[DROOLS-5395] - Clear selection button doesn't work on Testing Tools when use click property first time.
[DROOLS-5824] - executable-model test failure in test-compiler-integration ExpirationTest
[DROOLS-6330] - CombinedConstraint node sharing with executable-model

Hibernate ORM 5.5.0
HHH-14632 Call statistics.queryPlanCacheHit and statistics.queryPlanCacheMiss for FilterQueryPlan and NativeSQLQueryPlan
HHH-14624 Oracle from version 12 started supporting the offset ? rows fetch next ? rows onlysyntax for pagination
HHH-14240 Stop generating fragments of SQL as uppercase

Narayana 5.12.0.Final
[JBTM-3442] - @Transactional applied with a CDI InterceptionFactory throws an Exception
[JBTM-3469] - lra-coordinator-war does not pack the lra-coordinator properly
[JBTM-3486] - Update Oracle Driver in ArjunaCore.arjuna
[JBTM-3487] - Fix typo inside spring/camel-with-narayana-spring-boot/Readme.md

PostgreSQL JDBC Driver 42.2.21
make sure the table has defined primary keys when using updateable resultset backpatch PR#2101 fixes Issue 1975 PR #2106
backpatch PR #2143 read notifies or errors that come in asynchronously after the ready for query PR #2168
backpatch PR #507 which reworks OSGI bundle activator fixes ISSUE #2133
Fix database metadata getFunctions() and getProcedures() to ignore search_path when no schema pattern is specified. backpatch PR #2174 fixes Issue 2173

jBPM 7.55.0.Final
Release notes only go up to jBPM 7.52, please check https://docs.jbpm.org/7.55.0.Final/jbpm-docs/html_single/#jbpmreleasenotes at a later date for updates.

Jetty 11.0.3
This release resolves CVE-2021-28169
#3764 DeprecationWarning Decorator
#5684 Review disabled tests
#5798 jetty-runner startup error with jetty-10

Spring Framework 5.3.8
HttpComponentsClientHttpConnector should close underlying resources #27032
Default value of StandaloneMockMvcBuilder.useSuffixPatternMatch differs from the same property in RequestMappingHandlerMapping #27030
Lookup method autowiring ignores method's generic info #26998
Set BEST_MATCHING_PATTERN_ATTRIBUTE on requests with WebMvc.fn #26963

What is MongoDB? | Feature Overview and FAQ

With so many open source databases to choose from, finding the right database can be a challenge. That’s especially true for non-relational databases like MongoDB, where there are many viable options to choose from.

In this blog, we give an overview of MongoDB, answer frequently asked questions about the database, and discuss important components of MongoDB, including documents, storage engines, and sharding.

OpenUpdate - June 10, 2021

Key Security, Maintenance, and Features Releases

Security Updates

Apache HTTPd 2.4.48
SECURITY: CVE-2021-31618 (cve.mitre.org) mod_http2: Fix a potential NULL pointer dereference [Ivan Zhakov]
mod_proxy_wstunnel: Add ProxyWebsocketFallbackToProxyHttp to opt-out the fallback to mod_proxy_http for WebSocket upgrade and tunneling. [Yann Ylavic]
mod_proxy: Fix flushing of THRESHOLD_MIN_WRITE data while tunneling. BZ 65294. [Yann Ylavic]
core: Fix a regression that stripped the ETag header from 304 responses. PR 61820 [Ruediger Pluem, Roy T. Fielding]

Non-Security Updates

Jenkins 2.296
Fix regressions in forms submissions from unwanted form validation in any browser (regression in 2.289). (issue 65585)
Recommend running on Java 11. (issue 65577)
Change the word 'number' to 'integer' in the error message of the number field. (pull 5538)
Show implied plugin dependencies or a count of dependencies for plugins split from core. (pull 5472)

OpenLDAP 2.5.5
Added libldap LDAP_OPT_TCP_USER_TIMEOUT support (ITS#9502)
Added lloadd tcp-user-timeout support (ITS#9502)
Added slapd-asyncmeta tcp-user-timeout support (ITS#9502)
Added slapd-ldap tcp-user-timeout support (ITS#9502)

PHP 8.0.7 and 7.4.20
8.0.7
Fixed bug #80960 (opendir() warning wrong info when failed on Windows).
Fixed bug #67792 (HTTP Authorization schemes are treated as case-sensitive).
Fixed bug #80972 (Memory exhaustion on invalid string offset).
7.4.20
Fixed bug #80929 (Method name corruption related to repeated calls to call_user_func_array).
Fixed bug #80960 (opendir() warning wrong info when failed on Windows).
Fixed bug #67792 (HTTP Authorization schemes are treated as case-sensitive).
Fixed bug #80972 (Memory exhaustion on invalid string offset).

June 17 | OpenLogic Office Hours: Save Your Seat and We'll Buy You Lunch

Join Rod Cope, Founder of OpenLogic and CTO at Perforce Software, and Rich Alloway, Enterprise Linux Developer at OpenLogic by Perforce, for an interactive discussion on the future of CentOS, new CentOS alternatives, and the state of CentOS Stream.

PLUS, when you RSVP, we'll provide your choice of a $15 GrubHub or DoorDash gift card*. You choose the food, and they'll deliver!

OpenUpdate - June 3, 2021

Key Security, Maintenance, and Features Releases

Non-Security Updates

Apache Camel 2.25.4
CAMEL-16622
Validator component fails with java.lang.IllegalArgumentException: protocol = https host = null
CAMEL-16428
camel-maven-plugin failing on Camel 2.25.x
CAMEL-16393
camel-jsonpath - results from $.concat(...) seems to be cached on following calls
CAMEL-16291
camel-cxfrs producer shouldn't try to read Entity from javax.ws.rs.core.Response

Firefox 89
Colors in Firefox on macOS will no longer be saturated on wide gamut displays, untagged images are properly treated as sRGB, and colors in images tagged as sRGB will now match CSS colors.
In full screen mode on macOS, moving your mouse to the top of the screen will no longer hide your tabs behind the system menu bar.
Also in full screen mode on macOS, it is now possible to hide the browser toolbars for a fully immersive full screen experience. This brings macOS in line with Windows and Linux.
Various stability and security fixes.

Preview Chapter: Decision Maker's Guide to Open Source Databases

In this preview chapter of our upcoming Decision Maker’s Guide to Open Source Databases, our experts break down the top open source RDBMS and when to use them.

Stay Informed about Open Source News and Security Updates

As open source support experts, we monitor community projects to ensure our customers’ environments include the latest releases and are protected against emerging threats. We share what we learn about important open source news including software releases, trending topics, and other related information including upcoming OpenLogic events in our OpenUpdate Weekly newsletter.

Complete the form to receive an email message when we post a new OpenUpdate.

Have Questions or Need Support?

If you have any questions about the content in this week’s newsletter, or are interested in getting support for your open source software, please contact one of our experts.

Talk To An Expert

Learn more about open source including technologies, industry trends, and available services.

See All Resources