arne anka created ARTEMIS-3611:
----------------------------------
Summary: update to most recent log4j
Key: ARTEMIS-3611
URL: https://issues.apache.org/jira/browse/ARTEMIS-3611
Project: ActiveMQ Artemis
Issue Type: Bug
Components: Web Console
Reporter: arne anka
While not vulnerable to the recently published issue, the web console still
uses log4j 1.2.x – which is long out of support and sports a longish list of
unfixed issues, and thus vulnerabilities.
Given that log4j 1.2.x is also an apache project, it is disturbing that its EOL
more than 6 years ago seems not to have been noticed nor acted upon.
It should as soon as possible be updated to a secure version.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
