+1, option 1
Apologies for the delay, took me a while to find the original email.
-d
On December 29, 2021 21:33:35 "Christian Grobmeier" <grobme...@apache.org>
wrote:
Hello,
as discussed in another thread, this is a vote about the future of log4j 1.
This vote stays open for the usual 72h.
Options are explained below.
You can vote for:
[ ] +1, Option 1
[ ] +1, Option 2
[ ] +/- 0, abstain
[ ] -1 object against those options
Option 1: Create a README.md that publishes the projects EOL status and do
nothing else.
Option 2: Create a README which says the project is EOL but allow the
following work for 1.2.18 AND create a full release:
a. Make the build work with a modern version of Maven.
b. Fix the Java version bug.
c. Fix CVE-2021-4104 (expanded to address all JNDI components)
d. Fix CVE-2019-17571
Regards,
Christian
--
The Apache Software Foundation
V.P., Data Privacy
