Hi Ralph, On Wed, 25 May 2022 at 05:44, Ralph Goers <[email protected]> wrote:
> I’ve created https://issues.apache.org/jira/browse/LOG4J2-3516 for this. > > Ralph > Thanks for the fix. In the meantime I solved the small obstacle to the H2 upgrade ( https://github.com/eclipse-ee4j/eclipselink/issues/1393), so all `log4j-core` dependencies should be up-to-date and CVE-free. Can we consider https://github.com/apache/logging-log4j2/pull/851 for inclusion in 2.18.0: the user who asked for it was quite insistent. :-) Piotr
