[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sandesha-dev
Subject:    [jira] [Created] (AXIS2-5993) Upgrade logging to log4j v2.x
From:       "Gregory Knott (Jira)" <jira () apache ! org>
Date:       2020-11-19 5:01:00
Message-ID: JIRA.13341495.1605762039000.208718.1605762060030 () Atlassian ! JIRA
[Download RAW message or body]

Gregory Knott created AXIS2-5993:
------------------------------------

             Summary: Upgrade logging to log4j v2.x
                 Key: AXIS2-5993
                 URL: https://issues.apache.org/jira/browse/AXIS2-5993
             Project: Axis2
          Issue Type: Improvement
          Components: client-api
    Affects Versions: 1.7.9
         Environment: Tomcat
            Reporter: Gregory Knott
             Fix For: 1.7.9


[https://nvd.nist.gov/vuln/detail/CVE-2019-17571]

This vulnerability prompts us to upgrade to a v2 version of log4j since all=
 v1 versions are end of support. However all versions of axis2 still use v1=
 log4j.

If axis2 is not updated, then we will need to move to another web service c=
ontainer.

=C2=A0



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]