Greetings, October. Here's what the Apache community has been working on over the past week:

Foundation Statement –Response From The Apache® Software Foundation To Questions From US House Committee On Energy And Commerce Regarding Equifax Data Breach https://s.apache.org/rjmv

Success at Apache –the monthly blog series that focuses on the processes behind why the ASF "just works".
 - All My Roads Led to Apache by Pal Ferrel https://s.apache.org/l9OO

ASF Board –management and oversight of the business affairs of the corporation in accordance with the Foundation's bylaws.
 - Next Board Meeting: 18 October. Board calendar and minutes http://apache.org/foundation/board/calendar.html

ASF Infrastructure –our distributed team on three continents keeps the ASF's infrastructure running around the clock.
 - 7M+ weekly checks yield savvy performance at 99.78% uptime http://status.apache.org/

ASF Operations Factoid –this week, 549 Apache Committers changed 1,204,410 lines of code over 3,893 commits. Top 5 contributors, in order, are: Oliver Lietz, James Taylor, Mark Thomas, Maxim Solodovnik, and Stephen Mallette.

Apache Calcite™ –a dynamic Big Data management framework.
 - Apache Calcite 1.14.0 released http://calcite.apache.org/

Apache Flume™ –a distributed, reliable, and available service for efficiently collecting, aggregating, and moving large amounts of log data.
 - Apache Flume 1.8.0 released http://flume.apache.org/

Apache Geode™ –low latency, high concurrency data management solutions.
 - CVE-2017-9794 Apache Geode gfsh query vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAEwge-FqzrT%2BdeCkNkM-EQZuKfg-XuqY4cGjFiqxoKBVduY1Zw%40mail.gmail.com%3E
 - CVE-2017-9797 Apache Geode client/server authentication vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAEwge-Hrbb7JS8Nygrh7geyFvW4bMZ3AdCmPOzMfvbniipz0bA%40mail.gmail.com%3E

Apache Groovy™ –a multi-facet programming language for the JVM.
 - Apache Groovy 2.5.0-beta-2 released https://groovy.apache.org/

Apache HTTP Server™ –the world's most popular Web server.
 - Apache HTTP Server 2.4.28 released http://httpd.apache.org/

Apache Impala (incubating) –a high-performance C++ and Java SQL query engine for data stored in Apache Hadoop-based clusters.
 - CVE-2017-9792 Apache Impala (incubating) Information Disclosure http://mail-archives.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAFWiQHYvHUG42bC0EVkxciyR_-uswTW2UZCFQ6o0Q2%2BPGWSi6Q%40mail.gmail.com%3E

Apache Jackrabbit™ –a fully conforming implementation of the Content Repository for Java Technology API (JCR).
 - Apache Jackrabbit 2.8.6 and Jackrabbit Oak 1.7.8 released http://jackrabbit.apache.org/

Apache Juneau (incubating) –a toolkit for marshalling POJOs to a wide variety of content types using a common framework, and for creating sophisticated self-documenting REST interfaces and microservices using very little code.
 - Apache Juneau 6.4.0 (incubating) released http://juneau.incubator.apache.org/

Apache Lucene™ Solr™ –the search server built on Apache Lucene.
 - Apache Solr Reference Guide for 7.0 released https://lucene.apache.org/solr/guide/7_0

Apache NiFi™ –an easy to use, powerful, and reliable system to process and distribute data.
 - Apache NiFi 1.4.0 released https://nifi.apache.org/

Apache OpenNLP™ –a machine learning based toolkit for the processing of natural language text..
 - CVE-2017-12620: Apache OpenNLP XXE vulnerability http://mail-archives.apache.org/mod_mbox/www-announce/201710.mbox/%3CCA%2BV%3DWqjnwc7DCAXMGCBPrgfKJHB0bSP03mrSZ0RJxCin5m6L9Q%40mail.gmail.com%3E

Apache Tomcat™ –an Open Source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language, Java WebSocket and Java Authentication Service Provider Interface for Containers technologies.
 - Apache Tomcat 7.0.82, 8.0.47, 8.5.23, and 9.0.1 released http://tomcat.apache.org/
 - CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload http://mail-archives.apache.org/mod_mbox/www-announce/201710.mbox/%3Cf7229e11-5e8d-aa00-ff22-f0a795669010%40apache.org%3E

Apache Wicket™ –an Open Source Java component oriented Web application framework that powers thousands of web applications and Web sites for governments, stores, universities, cities, banks, email providers, and more.
- Apache Wicket 6.8.0 released http://wicket.apache.org

Did You Know?

 - Did you know that the ASF Incubator has mentored new Apache projects and their communities for the past 15 years? http://incubator.apache.org/

 - Did you know that the following Apache projects have anniversaries this month: Xalan and XML Graphics (13 years); MINA and Velocity (11 years); PDFBox (8 years); Thrift (7 years); JMeter (6 years); Cordova, Isis, and OpenOffice (5 years); Chukwa and jclouds (4 years); and Calcite (2 years)? https://projects.apache.org/committees.html?date

 - Did you know that various Apache projects that are seeking assistance are listed at http://helpwanted.apache.org/ ? Help your favorite Apache community!


Apache Community Notices:
 - "Success at Apache" focuses on the processes behind why the ASF "just works". 1) Project Independence https://s.apache.org/CE0V 2) All Carrot and No Stick https://s.apache.org/ykoG 3) Asynchronous Decision Making https://s.apache.org/PMvk4) Rule of the Makers https://s.apache.org/yFgQ 5) JFDI --the unconditional love of contributors https://s.apache.org/4pjM 6) Meritocracy and Me https://s.apache.org/tQQh 7) Learning to Build a Stronger Community https://s.apache.org/x9Be 8) Meritocracy. https://s.apache.org/DiEo 9) Lowering Barriers to Open Innovation https://s.apache.org/dAlg 10) All My Roads Led to Apache https://s.apache.org/l9OO
 - Follow the ASF on social media: @TheASF on Twitter and on LinkedIn at https://www.linkedin.com/company/the-apache-software-foundation (re-tweets/shares/likes most appreciated!)

 - Presentations from ApacheCon https://s.apache.org/Hli7 and Apache: Big Data https://s.apache.org/tefE are available; as well as videos https://s.apache.org/AE3m and audio recordings https://feathercast.apache.org/

 - Do friend and follow us on the Apache Community Facebook page https://www.facebook.com/ApacheSoftwareFoundation/and Twitter account https://twitter.com/ApacheCommunity

 - The list of Apache project-related MeetUps can be found at http://apache.org/events/meetups.html

 - The Apache community will be at All Things Open --stop by the ASF booth and say hello! 23-24 October in Raleigh https://allthingsopen.org/

 - Learn about Apache Atlas, AriaTosca (incubating), Hadoop YARN, Kafka, ManifoldCF, Ranger, Spot (incubating), Thrift, and more at Open Source Summit Europe + ELC Europe 2017 23-26 October in Prague https://osseu17.sched.com/

 - Catch the Apache Ignite and Spark communities at the In-Memory Computing Summit 24-25 October in San Francisco https://imcsummit.org/

 - ASF Quarterly Report: Operations Summary Q1 FY2018 https://s.apache.org/cEUm

 - ASF Annual Report is available at https://s.apache.org/FY2017AnnualReport

 - Find out how you can participate with Apache community/projects/activities --opportunities open with Apache HTTP Server, Avro, ComDev (community development), Directory, Incubator, OODT, POI, Polygene, Syncope, Tika, Trafodion, and more! https://helpwanted.apache.org/
 - Are your software solutions Powered by Apache? Download & use our "Powered By" logos http://www.apache.org/foundation/press/kit/#poweredby
= = =
For real-time updates, sign up for Apache-related news by sending mail to announce-subscribe@apache.org and follow @TheASF on Twitter. For a broader spectrum from the Apache community, https://twitter.com/PlanetApache provides an aggregate of Project activities as well as the personal blogs and tweets of select ASF Committers.

# # #