It is somewhat odd that the apache people were unaware of the security report, since coordinating security issues using a list for all clones/forks/spoons at firstname.lastname@example.org was discussed on their own list:
And I thought apache now owned the domain, but maybe they don't yet own the smtp services?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds