The Apache Log4j 2 team is pleased to announce the Log4j 2.8 release!
Apache Log4j is a well known framework for logging application
behavior. Log4j 2 is an upgrade
to Log4j that provides significant improvements over its predecessor,
Log4j 1.x, and provides
many other modern features such as supp
The Apache Log4j 2 team is pleased to announce the Log4j 2.8.2 release!
Apache Log4j is a well known framework for logging application behavior.
Log4j 2 is an upgrade to Log4j that provides significant improvements over
its predecessor, Log4j 1.x, and provides many other modern features such as
su
CVE-2017-5645: Apache Log4j socket receiver deserialization vulnerability
Severity: High
CVSS Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Vendor: The Apache Software Foundation
Versions Affected: all versions from 2.0-alpha1 to 2.8.1
Description: When using the TCP socket server or UDP socket
The PMC of the Logging Services project has released the first standalone
version of the Log4j Scala API, version 11.0. This release adds support for
Scala 2.12 in addition to continued support for Scala 2.10 and 2.11. The
version number has been increased all the way to 11 in order to
differentiat
The Apache Logging Services project is pleased to announce the availability
of Apache Chainsaw 2.0.0. This is a long-awaited release of the Chainsaw
trunk/master code.
Apache Chainsaw is a Java GUI application to search, watch, and gather log
data from applications, particularly applications using
/log4j/log4j-api-kotlin/1.0.0/
--
Matt Sicker
Assistant Secretary, Apache Software Foundation
VP Logging Services, ASF
Red Team at Telstra.
Links:
https://logging.apache.org/log4j/1.2/
https://issues.apache.org/jira/browse/LOG4J2-1863
--
Matt Sicker
Secretary, Apache Software Foundation
VP Logging Services, ASF
/OutreachyMay2020
If you have any questions about eligibility, project guidance, etc.,
please reach out to the Outreachy coordinators on the
d...@diversity.apache.org mailing list.
--
Matt Sicker
Secretary, Apache Software Foundation
VP Logging Services, ASF
://issues.apache.org/jira/browse/LOG4J2-2819
CVE Details:
CWE: 297
CVSS: 3.7 (Low) CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Affects: Apache Log4j <= 2.13.1
Fixed: Log4j 2.13.2
Reported by: Peter Stöckli
--
Matt Sicker
Secretary, Apache Software Foundation
VP Logging Services, ASF
always a bad idea.
[1]: https://issues.apache.org/jira/browse/LOG4NET-575
[2]:
https://lists.apache.org/thread.html/r6691036b0f85419e8bc97f6f522b8c353dd250b0a329164167b021a6%40%3Cdev.logging.apache.org%3E
--
Matt Sicker
Secretary, Apache Software Foundation
VP Logging Services, ASF
+FAQ
[3]: https://www.outreachy.org/communities/cfp/apache/
--
Matt Sicker
Secretary, Apache Software Foundation
VP, Logging Services, ASF
://logging.apache.org/log4j/kotlin/download.html
Make sure to verify downloaded artifacts with our GPG keys found here:
https://www.apache.org/dist/logging/KEYS
Maven artifacts are available from Maven Central:
https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api-kotlin/1.1.0/
--
Matt
supported by the Log4j team.
For complete information on Apache Log4j 2, including instructions on
how to submit bug reports, patches, or suggestions for improvement,
see the Apache Apache Log4j 2 website:
https://logging.apache.org/log4j/2.x/
--
Matt Sicker
PMC Member, Logging Services, Apach
/security.html
--
Matt Sicker
PMC Member, Logging Services, Apache Software Foundation
on
how to submit bug reports, patches, or suggestions for improvement,
see the Apache Apache Log4j 2 website:
https://logging.apache.org/log4j/2.x/
--
Matt Sicker
PMC Member, Logging Services, Apache Software Foundation
, or suggestions for improvement, see the Apache Apache Log4j 2 website:
http://logging.apache.org/log4j/2.x/
Downloads available here:
https://logging.apache.org/log4j/log4j-2.3.2/download.html
GPG keys for verifying releases are available here:
https://downloads.apache.org/logging/KEYS
--
Matt
16 matches
Mail list logo