benzman81 opened a new issue, #995: URL: https://github.com/apache/poi/issues/995
Hi, in the current release log4j-api in version 2.24.3 is used which now raises a security issue in our systems: CVE-2025-68161 (https://nvd.nist.gov/vuln/detail/CVE-2025-68161). I already noticed source code changes in poi to upgrade to log4j-api 2.25.3 which addresses this issue, but there is no release yet with this change. Any chance we can expect a release soon, or is there a time frame when to expect the release? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
