Thanks for the details information.
I am interested in the Log4J 2 upgrade.
How long does the release take after the RC process normally?
Best regards,
Simon.
On 18 May 2021, at 15:53, Jean-Baptiste Onofre
mailto:j...@nanthrax.net>> wrote:
Hi François,
ActiveMQ 5.17.0 will support JMS 2.0.
347dbbc7a91d05b2f5898%7C1%7C0%7C637551914712269282%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7awgOJ5fZ0dp%2BDerHHvLBuSOkq5p6mIutyYOvXa0jqA%3D&reserved=0
>
> Regards
> JB
>
>> Le 28 avr. 2021 à 09:20, Simon Bil
I just closed the vote this morning and promoted the artifacts on Maven Central
and dist.apache.org<http://dist.apache.org> (they should be available in couple
of hours).
I will tackle the announcement on website and mailing list asap.
Regards
JB
Le 28 avr. 2021 à 09:10, Simon
as off yesterday).
Regards
JB
Le 27 avr. 2021 à 11:24, Simon Billingsley
mailto:simon.billings...@matrixx.com.INVALID>>
a écrit :
Jon,
That’s great news.
It looks like the vote has been open for at least 4 days, so any ETA on when
the vote will be closed?
I can see that an additional binding v
leases, as well as checking that the actual
binaries are sound, so reviewing can involve a lot of work. The 72 hours is
a minimum time the vote has to be open for; its not unusual for votes to
take longer to allow for the work that goes into review.
Jon
On Tue, Apr 27, 2021 at 10:25
Jon,
That’s great news.
It looks like the vote has been open for at least 4 days, so any ETA on when
the vote will be closed?
I can see that an additional binding vote is still required...
Best regards,
Simon.
On 27 Apr 2021, at 09:42, Jonathan Gallimore
mailto:jonathan.gallim...@gmail.com>>
Hello,
Our company is using ActiveMQ v5.16.1
We have scanned the software with a security scanner and it has found
critical/high severity security issues in 3 packages used by ActiveMQ:
- log4j_log4j
- org.apache.shiro_shiro-core
- com.thoughtworks.xstream_xstream
Here is the list is CVEs found: