Due to open ssl vulnerabilities[1], it might be good for committer, etc. to reset their Apache password as mentioned in [2]. [1]. http://www.openssl.org/news/vulnerabilities.html [2]. https://blogs.apache.org/infra/entry/heartbleed_fallout_for_apache