arne anka created ARTEMIS-3611:
----------------------------------

             Summary: update to most recent log4j
                 Key: ARTEMIS-3611
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3611
             Project: ActiveMQ Artemis
          Issue Type: Bug
          Components: Web Console
            Reporter: arne anka


While not vulnerable to the recently published issue, the web console still 
uses log4j 1.2.x – which is long out of support and sports a longish list of 
unfixed issues, and thus vulnerabilities.

Given that log4j 1.2.x is also an apache project, it is disturbing that its EOL 
more than 6 years ago seems not to have been noticed nor acted upon.

It should as soon as possible be updated to a secure version.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to