[GitHub] [activemq] jbonofre commented on a change in pull request #662: [AMQ-7426] Upgrade to log4j2

GitBox Mon, 10 Jan 2022 08:29:41 -0800


jbonofre commented on a change in pull request #662:
URL: https://github.com/apache/activemq/pull/662#discussion_r781350767




##########
File path: pom.xml
##########
@@ -82,7 +80,8 @@
     <junit-version>4.13.2</junit-version>
     <hamcrest-version>1.3</hamcrest-version>
     <karaf-version>4.2.10</karaf-version>
-    <log4j-version>1.2.17</log4j-version>
+    <slf4j-version>1.7.30</slf4j-version>
+    <log4j-version>2.14.1</log4j-version>

Review comment:
       @oribendetcx sorry but it's really stupid ;) Log4j 1.x has no log4shell 
vulnerability. Anyway, I'm moving forward on 5.17.0 (planned for end of January 
as shared on the mailing list).




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[GitHub] [activemq] jbonofre commented on a change in pull request #662: [AMQ-7426] Upgrade to log4j2

Reply via email to