Security researcher Alexander Klink and Julian Wälde revealed a serious vulnerability that until recently affected the vast majority of web server. The attack only requires a single HTTP request that is specially designed to create hash code collisions in POST form data. When first discovered this attack affected Python, Ruby, PHP, Java, and ASP.NET, but vendors have been working on patches.
Apache Geronimo 3.0-beta-1 is now fully Java EE 6 Certified. Geronimo joins the rank of GlassFish 3 as an open source server that has passed both Java EE 6.0 Full Profile and Web Profile certification tests. Geronimo 3 has also updated its kernel to use OSGi, based on the Apache Karaf OSGi runtime, and supports the Aries programming model.
A new worm exploiting a JBoss vulnerability that was patched in April 2010 is targeting unsecured servers and adding them to a botnet, security researchers are reporting.
Oracle Public Cloud offers two solutions: SaaS, including Fusion CRM, Fusion HCM, and Social Network, and PaaS, including Java and Database services.
ZeroTurnaround today released JRebel 4.5 and announced JRebel Social, a beta version of their popular "redeploy killer" that is free for non-commercial use, provided you are willing to give ZeroTurnaround access to your social network.
Around January 2011, Memcached became the number one caching solution based on Java developer job demand. Memcached expanded beyond its LAMP roots. InfoQ caught up with Dustin Sallings, the implementer of Spymemcached the leading Java Memcached client, to get his perspective on the rise of Memcached in the Java world.
VMware today released a free downloadable version of its Cloud Foundry software, called Micro Cloud Foundry, designed to run locally on a developer’s workstation in a single virtual machine. Mac and PC developers can run and build cloud applications locally without having to configure middleware, and scale and deploy to their applications wherever they want without modifying code.
Granite Data Services released last week its Enterprise Platform for building Flex/Java EE Applications. Granite DS is an open source framework. InfoQ spoke with Frank Wolff, CEO and Co-Founder of Granite DS, about his perspectives on Rich Internet Applications.
Red Hat announced the availability of JBoss AS 7, the first JBoss platform to be EE6 Web Profile certified and with an OSGi 4.2 compliant engine. A 7.1 release, planned later this year, will add full EE6 certification.
IBM WebSphere Application Server V8 has been launched, becoming the third application server to offer complete support for the full Java EE 6 profile.
In June, Microsoft released a set of open-source configurations to accelerate interoperability between Microsoft’s WCF platform and leading Java-based web service stacks. WCF bindings, which define transport details for invoking or consuming WCF services, are now available for Oracle WebLogic, Oracle Metro, IBM WebSphere and Apache Axis2.
IBM Workload Deployer is the next generation of the IBM WebSphere CloudBurst v2.0 appliance further driving the use of patterns, templates and automation to simplify and accelerate the definition and deployment of private cloud solutions.
Caucho Resin has recently been certified a compliant implementation of the EE 6 Web Profile, starting with version 4.0.17.
MechSoft releases Siwpas, a lightweight application server based on Apache Tomcat that focuses exclusively on Web applications.
When building larger scale applications, message queues are often very helpful for both distributing and aggregating workloads. In the .NET ecosystem there are several options available for message queuing. This article highlights some of the more popular and unique offerings as well as the basic terminology needed to evaluate them.