This is an automated email from the ASF dual-hosted git repository.
mattsicker pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new 3db995c Prepare for 2.16.0 release
3db995c is described below
commit 3db995c0ecfd909f6bad38e2dc31ec7d828e94d7
Author: Matt Sicker <[email protected]>
AuthorDate: Sun Dec 12 23:22:32 2021 -0600
Prepare for 2.16.0 release
---
pom.xml | 2 +-
src/changes/announcement.vm | 5 +++--
src/site/markdown/index.md.vm | 5 +++--
3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/pom.xml b/pom.xml
index b039bc4..3b12608 100644
--- a/pom.xml
+++ b/pom.xml
@@ -188,7 +188,7 @@
<properties>
<!-- make sure to update these for each release! -->
<log4jParentDir>${basedir}</log4jParentDir>
- <Log4jReleaseVersion>2.15.1</Log4jReleaseVersion>
+ <Log4jReleaseVersion>2.16.0</Log4jReleaseVersion>
<!--Log4jReleaseManager>Ralph Goers</Log4jReleaseManager-->
<!--Log4jReleaseKey>B3D8E1BA</Log4jReleaseKey-->
<Log4jReleaseManager>Matt Sicker</Log4jReleaseManager>
diff --git a/src/changes/announcement.vm b/src/changes/announcement.vm
index 43d5199..64f15d0 100644
--- a/src/changes/announcement.vm
+++ b/src/changes/announcement.vm
@@ -72,11 +72,12 @@ log4j-slf4j-impl should be used with SLF4J 1.7.x and
earlier and log4j-slf4j18-i
later. SLF4J-2.0.0 alpha releases are not fully supported. See
https://issues.apache.org/jira/browse/LOG4J2-2975 and
https://jira.qos.ch/browse/SLF4J-511.
-Some of the changes in Log4j 2.15.1 include:
+Some of the changes in Log4j ${relVersion} include:
+* Remove Message Lookups.
* While release 2.15.0 removed the ability to resolve Lookups and log messages
and addressed issues with how JNDI
is accessed, the Log4j team feels that having JNDI enabled by default
introduces an undue risk for our users.
-Starting in version 2.15.1, JNDI functionality is disabled by default and can
be re-enabled via the
+Starting in version 2.16.0, JNDI functionality is disabled by default and can
be re-enabled via the
`log4j2.enableJndi` system property. Use of JNDI in an unprotected context is
a large security risk and
should be treated as such in both this library and all other Java libraries
using JNDI.
* Prior to version 2.15.0, Log4j would automatically resolve Lookups contained
in the message or its parameters in the
diff --git a/src/site/markdown/index.md.vm b/src/site/markdown/index.md.vm
index 25cdbc3..3ca59de 100644
--- a/src/site/markdown/index.md.vm
+++ b/src/site/markdown/index.md.vm
@@ -159,7 +159,7 @@ releases from 2.7 through 2.14.1 all PatternLayout patterns
can be modified to s
`%m{nnolookups}` instead of just `%m`. For releases from 2.0-beta9 to 2.10.0,
the mitigation is to remove the
`JndiLookup` class from the classpath:`zip -q -d log4j-core-*.jar
org/apache/logging/log4j/core/lookup/JndiLookup.class`
-$h 3Other News
+$h3 Other News
Log4j $Log4jReleaseVersion is now available for production. The API for Log4j
2 is not compatible with Log4j 1.x, however an adapter is
available to allow applications to continue to use the Log4j 1.x API. Adapters
are also available for Apache Commons
@@ -169,8 +169,9 @@ Log4j $Log4jReleaseVersion is the latest release of Log4j.
As of Log4j 2.13.0 Lo
runtime. This release contains new features and fixes which can be found
in the latest [changes report](changes-report.html#a$Log4jReleaseVersion).
-The only change in Log4j 2.15.1 is:
+The changes in Log4j 2.16.0 are:
* Disabling JNDI functionality by default.
+* Removing Message Lookups.
Log4j $Log4jReleaseVersion maintains binary compatibility with previous
releases.
