Hi all, I've never done this before, so bear with me if I fluff it: This is a proposed vote to release log4net 2.0.9 from PR https://github.com/apache/logging-log4net/pull/61
Release artifacts (including source zip) are at: https://ci.appveyor.com/project/fluffynuts/logging-log4net/builds/34063235/artifacts Source can be checked out from https://github.com/fluffynuts/logging-log4net/logging-log4net, tag rel/2.0.9. I can't push tags to the upstream, but this tag is exactly the same commit as the last in the PR mentioned above, which was accepted into master a few days ago. Please check out the artifacts & if everyone is ok with what's there, please can someone with the rights to publish to nuget do so. Once I've seen how this process works, I'd like to tackle the CVE that has been brought up on this list more than once -- it's a simple change which was already committed to the develop branch some time ago, so there are a couple of options here: 1. cherry-pick that commit & do a 2.0.10 release pronto, with only that change 2. trawl the develop branch to see what else was already solved in there, and get that out as 2.0.10, and perhaps close out that branch to avoid future confusion. Thanks for your time -d