[ https://issues.apache.org/jira/browse/AXIS2-5993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andreas Veithen updated AXIS2-5993: ----------------------------------- Fix Version/s: (was: 1.7.9) 1.8.0 > Upgrade logging to log4j v2.x > ----------------------------- > > Key: AXIS2-5993 > URL: https://issues.apache.org/jira/browse/AXIS2-5993 > Project: Axis2 > Issue Type: Improvement > Components: client-api > Affects Versions: 1.7.9 > Environment: Tomcat > Reporter: Gregory Knott > Assignee: Robert Lazarski > Priority: Major > Fix For: 1.8.0 > > > [https://nvd.nist.gov/vuln/detail/CVE-2019-17571] > This vulnerability prompts us to upgrade to a v2 version of log4j since all > v1 versions are end of support. However all versions of axis2 still use v1 > log4j. > If axis2 is not updated, then we will need to move to another web service > container. > -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For additional commands, e-mail: java-dev-h...@axis.apache.org