My +1 Ralph
> On Dec 14, 2021, at 11:26 AM, Remko Popma <remko.po...@gmail.com> wrote: > > +1 very light validation but ran a simple test program against the binaries > > On Wed, Dec 15, 2021 at 3:19 AM Carter Kozak <cko...@ckozak.net> wrote: > >> +1 >> >> validated the build and signatures, tests in core modules. >> >> On Tue, Dec 14, 2021, at 00:58, Ralph Goers wrote: >>> This is a vote to release Log4j 2.12.2, a security release for Java 7 >> users. >>> >>> Please download, test, and cast your votes on the log4j developers list. >>> [] +1, release the artifacts >>> [] -1, don't release because... >>> >>> The vote will remain open for as short amount as time as required to vet >> the release. All votes are welcome and we encourage everyone to test the >> release, but only Logging PMC votes are “officially” counted. As always, at >> least 3 +1 votes and more positive than negative votes are required. >>> >>> Changes in this version include: >>> >>> Fixed Bugs >>> >>> • LOG4J-3220: Disable JNDI by default, remove JNDI Lookup, remove >> message lookups. When enabled JNDI only supports the java protocol. >>> >>> Tag: >>> a) for a new copy do "git clone >> https://github.com/apache/logging-log4j2.git" and then "git checkout >> tags/log4j-2.12.2-rc1” or just "git clone -b log4j-2.12.2-rc1 >> https://github.com/apache/logging-log4j2.git" >>> b) for an existing working copy to “git pull” and then “git checkout >> tags/log4j-2.12.2-rc1” >>> >>> Web Site: No web site was generated for this release. The 2.16.0 web >> site will be updated appropriately. >>> >>> Maven Artifacts: >> https://repository.apache.org/content/repositories/orgapachelogging-1070 >>> >>> Distribution archives: >> https://dist.apache.org/repos/dist/dev/logging/log4j/ >>> >>> You may download all the Maven artifacts by executing: >>> wget -e robots=off --cut-dirs=7 -nH -r -p -np --no-check-certificate >> https://repository.apache.org/content/repositories/orgapachelogging-1070/org/apache/logging/log4j/ >> >> -ck