Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Antonio Petrelli
Il giorno gio 16 dic 2021 alle ore 19:38 Lukasz Lenart < lukaszlen...@apache.org> ha scritto: > czw., 16 gru 2021 o 17:29 Antonio Petrelli > napisał(a): > > Is there a reason why it has not been upgraded to 2.16.0? > > As Marc already pointed out, Log4j 2.16.0 requires JDK 8 while Struts > 2.5.x

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Yasser Zamani
[ ] Leave at test build [ ] Alpha [ ] Beta [*] General Availability (GA) +1 (binding) GA please, thanks! Regards On 12/16/2021 7:15 PM, Lukasz Lenart wrote: The Apache Struts 2.5.28.1 test build is now available. It includes the latest security patch which fixes security vulnerability: - Log

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Johannes Geppert
> [ ] Leave at test build > [ ] Alpha > [ ] Beta > [X] General Availability (GA) +1 (binding) Best Regards Johannes Lukasz Lenart schrieb am Do., 16. Dez. 2021, 16:46: > The Apache Struts 2.5.28.1 test build is now available. It includes > the latest security patch which fixes security vulner

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Lukasz Lenart
czw., 16 gru 2021 o 16:45 Lukasz Lenart napisał(a): > [ ] Leave at test build > [ ] Alpha > [ ] Beta > [X] General Availability (GA) +1 (binding) Regards -- Łukasz + 48 606 323 122 http://www.lenart.org.pl/ - To unsubscribe,

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Lukasz Lenart
czw., 16 gru 2021 o 17:29 Antonio Petrelli napisał(a): > Is there a reason why it has not been upgraded to 2.16.0? As Marc already pointed out, Log4j 2.16.0 requires JDK 8 while Struts 2.5.x is still using JDK7, besides that Log4j 2.12.2 gives exactly the same level of security as Log4j 2.16.0, s

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Marc Michele
Am 16.12.21 um 16:45 schrieb Lukasz Lenart: > [ ] Leave at test build > [ ] Alpha > [ ] Beta > [x] General Availability (GA) +1 GA please, thanks! Tested with two of my applications and no side effects. Regards Marc - To un

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Marc Michele
Am 16.12.21 um 17:29 schrieb Antonio Petrelli: > Il giorno gio 16 dic 2021 alle ore 16:46 Lukasz Lenart < > lukaszlen...@apache.org> ha scritto: > >> The Apache Struts 2.5.28.1 test build is now available. It includes >> the latest security patch which fixes security vulnerability: >> >> - Log4j ha

Re: [VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Antonio Petrelli
Il giorno gio 16 dic 2021 alle ore 16:46 Lukasz Lenart < lukaszlen...@apache.org> ha scritto: > The Apache Struts 2.5.28.1 test build is now available. It includes > the latest security patch which fixes security vulnerability: > > - Log4j has been upgrade to version 2.12.2 to address security > v

[VOTE] [FASTTRACK] Apache Struts 2.5.28.1

2021-12-16 Thread Lukasz Lenart
The Apache Struts 2.5.28.1 test build is now available. It includes the latest security patch which fixes security vulnerability: - Log4j has been upgrade to version 2.12.2 to address security vulnerability CVE-2021-45046 Release notes: * https://cwiki.apache.org/confluence/display/WW/Version+Not