[
https://issues.apache.org/jira/browse/AXIS2-5993?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17243460#comment-17243460
]
Robert Lazarski commented on AXIS2-5993:
----------------------------------------
This is fixed in the master branch at github, the next official release is
currently on track for the 1st quarter of next year.
Currently JDK 8 is required to compile, though the main goal of the next
release is JDK 11 compilation.
git clone [https://github.com/apache/axis-axis2-java-core.git]
mvn -Dmaven.javadoc.skip=true -Dmaven.test.skip.exec clean install
> Upgrade logging to log4j v2.x
> -----------------------------
>
> Key: AXIS2-5993
> URL: https://issues.apache.org/jira/browse/AXIS2-5993
> Project: Axis2
> Issue Type: Improvement
> Components: client-api
> Affects Versions: 1.7.9
> Environment: Tomcat
> Reporter: Gregory Knott
> Assignee: Robert Lazarski
> Priority: Major
> Fix For: 1.7.9
>
>
> [https://nvd.nist.gov/vuln/detail/CVE-2019-17571]
> This vulnerability prompts us to upgrade to a v2 version of log4j since all
> v1 versions are end of support. However all versions of axis2 still use v1
> log4j.
> If axis2 is not updated, then we will need to move to another web service
> container.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
