+1 for Option 1 On 12/29/2021 2:33 PM, Christian Grobmeier wrote:
Hello,as discussed in another thread, this is a vote about the future of log4j 1. This vote stays open for the usual 72h. Options are explained below. You can vote for: [ ] +1, Option 1 [ ] +1, Option 2 [ ] +/- 0, abstain [ ] -1 object against those options Option 1: Create a README.md that publishes the projects EOL status and do nothing else. Option 2: Create a README which says the project is EOL but allow the following work for 1.2.18 AND create a full release: a. Make the build work with a modern version of Maven. b. Fix the Java version bug. c. Fix CVE-2021-4104 (expanded to address all JNDI components) d. Fix CVE-2019-17571 Regards, Christian -- The Apache Software Foundation V.P., Data Privacy
