Hi folks, with our recent v1.6.1 release (an announcement is about to be sent out) we are on 2.16.0 to mitigate the infamous CVE-2021-44228 <https://nvd.nist.gov/vuln/detail/CVE-2021-44228> security vulnerability. However, there were subsequent security issues found and those problems were addressed in later versions. For more information please read Log4J's security vulnerability page: https://logging.apache.org/log4j/2.x/security.html
I'm proposing to kick off a new 1.6.2 release that includes the fix for https://issues.apache.org/jira/browse/KNOX-2702. Any objection? Cheers, Sandor
