[
https://issues.apache.org/jira/browse/AMQ-7426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17491521#comment-17491521
]
Jean-Baptiste Onofré commented on AMQ-7426:
-------------------------------------------
[~riad.darawish] again, and again: ActiveMQ 5.17.0 should be in vote current
Feb. If you are concerned about log4j security issue, FYI, ActiveMQ 5.16.4
(currently in vote) switched from log4j 1.x to reload4j which include all
security fixes. So, again, YOU DON'T NEED 5.17.0 for log4j security fixes, you
can use 5.16.4. I will blog about that because we answered maybe 10 times
already on the mailing list.
> Upgrade to log4j2
> -----------------
>
> Key: AMQ-7426
> URL: https://issues.apache.org/jira/browse/AMQ-7426
> Project: ActiveMQ
> Issue Type: Task
> Components: Broker
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 5.17.0
>
> Time Spent: 4h 20m
> Remaining Estimate: 0h
>
> This JIRA will upgrade 5.17.x to use Log4J 2.x instead of 1.x
> (5.16.x was switched to using [reload4j|https://reload4j.qos.ch/] instead of
> Log4j 1.x via AMQ-8472 in 5.16.4)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
