All,
  I'm currently in the process of building the rc1 for Tika 2.x. On
TIKA-3616, Luís Filipe Nassif asked if we could upgrade log4j to
log4j2 in the 1.x branch.  I think we avoided that because it would be
a breaking change(?).  There are security vulns in log4j and it hit
EOL
in August 2015.
  Should we upgrade the Tika 1.x branch for log4j2?

          Best,

                   Tim


[1] 
https://issues.apache.org/jira/browse/TIKA-3616?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17457595#comment-17457595

Reply via email to