The Apache JMeter team is pleased to announce the availability of Apache
JMeter 5.4.3 (b01f761463).
This release is only a sexcurity fix release about the CVE-2021-45105:
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3) did
not protect from uncontrolled recursion from self-referential lookups.
This allows an attacker with control over Thread Context Map data to
cause a denial of service when a crafted string is interpreted.
JMeter 5.4.3 requires Java 8+ to run.
== All users are highly recommended to upgrade ==
The Apache JMeter application is a 100% pure Java application designed
to test server applications.
It can be used to:
* generate test loads
* measure performance.
* test functional behavior
It includes support for protocols such as HTTP(S), JDBC, JMS, FTP, LDAP,
TCP, native calls and others.
It can also be easily extended with user-written code.
See https://jmeter.apache.org/
Users are highly encouraged to read the JMeter Best Practices section:
https://jmeter.apache.org/usermanual/best-practices.html
The release can be downloaded from:
https://jmeter.apache.org/download_jmeter.cgi
When downloading, please verify signatures using the KEYS file:
https://www.apache.org/dist/jmeter/KEYS
Only the binary archive is needed to run JMeter - there is no need to
download the source archive.
However there are some optional libraries which are not included.
See the "Getting Started" page for details:
https://jmeter.apache.org/usermanual/get-started.html
JMeter artifacts can be downloaded on Maven Central :
<groupId>org.apache.jmeter</groupId>
<artifactId>ApacheJMeter</artifactId>
<version>5.4.3</version>
(please wait next sync cycle for Maven repo, to see lastest version)
Enjoy!
The JMeter team
---
https://twitter.com/ApacheJMeter
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@jmeter.apache.org
For additional commands, e-mail: user-h...@jmeter.apache.org
