[
https://issues.apache.org/jira/browse/AXIS2-5857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16071604#comment-16071604
]
Andreas Veithen commented on AXIS2-5857:
----------------------------------------
Ah, axis2-jibx also depends on log4j 1.2.x, but AFAICS it only uses the logging
API and doesn't attempt to configure log4j, so we could use the API adapter.
> Log4j 1.x has reached EOL
> --------------------------
>
> Key: AXIS2-5857
> URL: https://issues.apache.org/jira/browse/AXIS2-5857
> Project: Axis2
> Issue Type: Improvement
> Affects Versions: 1.7.5
> Reporter: spoorti
> Priority: Minor
>
> The log4j 1.x has reached EOL. Even the latest release version of Axis2
> contains the 1.x version of the log4j.
> It need to be upgraded to 2.8.2 or higher since the other 2.x versions has
> vulnerability reported.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org
