[jira] [Updated] (AXIS2-5993) Upgrade logging to log4j v2.x

Andreas Veithen (Jira) Thu, 24 Dec 2020 07:21:04 -0800


     [ 
https://issues.apache.org/jira/browse/AXIS2-5993?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Andreas Veithen updated AXIS2-5993:
-----------------------------------
    Fix Version/s:     (was: 1.7.9)
                   1.8.0

> Upgrade logging to log4j v2.x
> -----------------------------
>
>                 Key: AXIS2-5993
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5993
>             Project: Axis2
>          Issue Type: Improvement
>          Components: client-api
>    Affects Versions: 1.7.9
>         Environment: Tomcat
>            Reporter: Gregory Knott
>            Assignee: Robert Lazarski
>            Priority: Major
>             Fix For: 1.8.0
>
>
> [https://nvd.nist.gov/vuln/detail/CVE-2019-17571]
> This vulnerability prompts us to upgrade to a v2 version of log4j since all 
> v1 versions are end of support. However all versions of axis2 still use v1 
> log4j.
> If axis2 is not updated, then we will need to move to another web service 
> container.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

[jira] [Updated] (AXIS2-5993) Upgrade logging to log4j v2.x

Reply via email to