[ https://issues.apache.org/jira/browse/WW-5389?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17813118#comment-17813118 ]
Lukasz Lenart commented on WW-5389: ----------------------------------- In case of 2.5.x we can accept only security patches, 2.5.x is going to be EOL soon. https://struts.apache.org/struts25-eol-announcement > Upgrade Log4j to version 2.21.1 > ------------------------------- > > Key: WW-5389 > URL: https://issues.apache.org/jira/browse/WW-5389 > Project: Struts 2 > Issue Type: Dependency > Components: Core > Reporter: Sebastian Peters > Priority: Major > Fix For: 6.4.0 > > > Unfortunately, error_prone_annotations > 2.10.0 depends on Java 11 – so an > upgrade to 2.22.x is not an option in 2.5.x for now. > But we can update to log4j2 to 2.21.1. -- This message was sent by Atlassian Jira (v8.20.10#820010)