Greetings, October. Here's what the Apache community has been working on over the past week:

Foundation Statement –Response From The Apache® Software Foundation To Questions From US House Committee On Energy And Commerce Regarding Equifax Data Breach

Success at Apache –the monthly blog series that focuses on the processes behind why the ASF "just works".
 - All My Roads Led to Apache by Pal Ferrel

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 October. Board calendar and minutes

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield savvy performance at 99.78% uptime

ASF Operations Factoid –this week, 549 Apache Committers changed 1,204,410 lines of code over 3,893 commits. Top 5 contributors, in order, are: Oliver Lietz, James Taylor, Mark Thomas, Maxim Solodovnik, and Stephen Mallette.

Apache Calcite™ –a dynamic Big Data management framework.
 - Apache Calcite 1.14.0 released

Apache Flume™ –a distributed, reliable, and available service for efficiently collecting, aggregating, and moving large amounts of log data.
 - Apache Flume 1.8.0 released

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-9794 Apache Geode gfsh query vulnerability
 - CVE-2017-9797 Apache Geode client/server authentication vulnerability

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.5.0-beta-2 released

Apache HTTP Server™ –the world's most popular Web server.
 - Apache HTTP Server 2.4.28 released

Apache Impala (incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 - CVE-2017-9792 Apache Impala (incubating) Information Disclosure

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 - Apache Jackrabbit 2.8.6 and Jackrabbit Oak 1.7.8 released

Apache Juneau (incubating) –a toolkit for marshalling POJOs to a wide variety of content types using a common framework, and for creating sophisticated self-documenting REST interfaces and microservices using very little code.
 - Apache Juneau 6.4.0 (incubating) released

Apache Lucene™ Solr™ –the search server built on Apache Lucene.
 - Apache Solr Reference Guide for 7.0 released

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi 1.4.0 released

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text..
 - CVE-2017-12620: Apache OpenNLP XXE vulnerability

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies.
 - Apache Tomcat 7.0.82, 8.0.47, 8.5.23, and 9.0.1 released
 - CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
- Apache Wicket 6.8.0 released

Did You Know?

 - Did you know that the ASF Incubator has mentored new Apache projects and their communities for the past 15 years?

 - Did you know that the following Apache projects have anniversaries this month: Xalan and XML Graphics (13 years); MINA and Velocity (11 years); PDFBox (8 years); Thrift (7 years); JMeter (6 years); Cordova, Isis, and OpenOffice (5 years); Chukwa and jclouds (4 years); and Calcite (2 years)?

 - Did you know that various Apache projects that are seeking assistance are listed at ? Help your favorite Apache community!

Apache Community Notices:
 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence 2) All Carrot and No Stick 3) Asynchronous Decision Making Rule of the Makers 5) JFDI --the unconditional love of contributors 6) Meritocracy and Me 7) Learning to Build a Stronger Community 8) Meritocracy. 9) Lowering Barriers to Open Innovation 10) All My Roads Led to Apache
 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon and Apache: Big Data are available; as well as videos and audio recordings

 - Do friend and follow us on the Apache Community Facebook page Twitter account

 - The list of Apache project-related MeetUps can be found at

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco

 - ASF Quarterly Report: Operations Summary Q1 FY2018

 - ASF Annual Report is available at

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more!
 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos
= = =
For real-time updates, sign up for Apache-related news by sending mail to and follow @TheASF on Twitter. For a broader spectrum from the Apache community, provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #