It's been a while since I've written much about Derby; it's been pretty quiet.
But over the spring, we completed another release!
This was a patch release, with fixes for CVE-2018-1313.
It's interesting to be on the "inside" of a vulnerability disclosure, even if this one wasn't tremendously high-pressure. Apache have a well-documented process for handling vulnerability reports, and the Apache Security team, as well as our correspondent Grégory Draperi, were extremely helpful and informative throughout.