This is a vote to release Log4j 2.12.2, a security release for Java 7 users.
Please download, test, and cast your votes on the log4j developers list.
[] +1, release the artifacts
[] -1, don't release because...
The vote will remain open for as short amount as time as required to vet the
release. All votes are welcome and we encourage everyone to test the release,
but only Logging PMC votes are “officially” counted. As always, at least 3 +1
votes and more positive than negative votes are required.
Changes in this version include:
Fixed Bugs
• LOG4J-3220: Disable JNDI by default, remove JNDI Lookup, remove
message lookups. When enabled JNDI only supports the java protocol.
Tag:
a) for a new copy do "git clone https://github.com/apache/logging-log4j2.git";
and then "git checkout tags/log4j-2.12.2-rc1” or just "git clone -b
log4j-2.12.2-rc1 https://github.com/apache/logging-log4j2.git";
b) for an existing working copy to “git pull” and then “git checkout
tags/log4j-2.12.2-rc1”
Web Site: No web site was generated for this release. The 2.16.0 web site will
be updated appropriately.
Maven Artifacts:
https://repository.apache.org/content/repositories/orgapachelogging-1070
Distribution archives: https://dist.apache.org/repos/dist/dev/logging/log4j/
You may download all the Maven artifacts by executing:
wget -e robots=off --cut-dirs=7 -nH -r -p -np --no-check-certificate
https://repository.apache.org/content/repositories/orgapachelogging-1070/org/apache/logging/log4j/
