[
https://issues.apache.org/jira/browse/DIRSERVER-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17584866#comment-17584866
]
Emmanuel Lécharny commented on DIRSERVER-2362:
----------------------------------------------
Hi Michael,
working on it atm. We are trying to fix as many bugs and other JIRA tickets as
possible. The idea is to cut this long expected release ASAP (but here, ASAP
means weeks, and depends on my work load...)
> ApacheDS 2.0.0-M17 references older log4j that has security vulnerabilities
> ---------------------------------------------------------------------------
>
> Key: DIRSERVER-2362
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2362
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-M17
> Reporter: Michael
> Priority: Major
> Fix For: 2.0.0.AM27
>
>
> ApacheDS 2.0.0-M17 (apacheds-service-2.0.0-M17.jar) references older log4j
> version that might have security vulnerabilities.
> Does ApacheDS 2.0.0-M17 log4j reference have security vulnerabilities?
> Is there a newer ApacheDS version that uses newer log4j2 that resolves the
> security vulnerabilities?
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org
