[ https://issues.apache.org/jira/browse/DIRSERVER-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17482587#comment-17482587 ]
Michael commented on DIRSERVER-2362: ------------------------------------ Do you know when ApacheDS will move to log4j 2.17.1 version? Thank you. > ApacheDS 2.0.0-M17 references older log4j that has security vulnerabilities > --------------------------------------------------------------------------- > > Key: DIRSERVER-2362 > URL: https://issues.apache.org/jira/browse/DIRSERVER-2362 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 2.0.0-M17 > Reporter: Michael > Priority: Major > > ApacheDS 2.0.0-M17 (apacheds-service-2.0.0-M17.jar) references older log4j > version that might have security vulnerabilities. > Does ApacheDS 2.0.0-M17 log4j reference have security vulnerabilities? > Is there a newer ApacheDS version that uses newer log4j2 that resolves the > security vulnerabilities? > > -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org