[jira] [Updated] (AMQ-8475) ActiveMQ uses log4j 1.2.17

Alexei Yarilovets (Jira) Sun, 06 Feb 2022 06:44:04 -0800


     [ 
https://issues.apache.org/jira/browse/AMQ-8475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Alexei Yarilovets updated AMQ-8475:
-----------------------------------
    Description: 
ActiveMQ server uses old log4j library with CVEs with critical severity
Tested here:
[https://search.maven.org/artifact/org.apache.activemq/activemq-all/5.16.3/jar]
ActiveMQ uses log4j 1.2.17

  was:
ActiveMQ server uses old log4j library with CVEs with critical severity
Tested here:
[https://search.maven.org/artifact/org.apache.activemq/activemq-all/5.16.3/jar]


> ActiveMQ uses log4j 1.2.17
> --------------------------
>
>                 Key: AMQ-8475
>                 URL: https://issues.apache.org/jira/browse/AMQ-8475
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.16.3
>            Reporter: Alexei Yarilovets
>            Priority: Major
>              Labels: docker, logging, security-issue
>
> ActiveMQ server uses old log4j library with CVEs with critical severity
> Tested here:
> [https://search.maven.org/artifact/org.apache.activemq/activemq-all/5.16.3/jar]
> ActiveMQ uses log4j 1.2.17



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (AMQ-8475) ActiveMQ uses log4j 1.2.17

Reply via email to