You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Volkan Yazici (Jira)" <ji...@apache.org> on 2022/05/02 21:11:00 UTC
[jira] [Updated] (LOG4J2-3423) JAR file containing Log4j configuration isn't closed
[ https://issues.apache.org/jira/browse/LOG4J2-3423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Volkan Yazici updated LOG4J2-3423:
----------------------------------
Fix Version/s: 2.18.0
(was: 2.17.3)
> JAR file containing Log4j configuration isn't closed
> ----------------------------------------------------
>
> Key: LOG4J2-3423
> URL: https://issues.apache.org/jira/browse/LOG4J2-3423
> Project: Log4j 2
> Issue Type: Bug
> Components: Core
> Affects Versions: 2.14.0
> Environment: Windows
> Reporter: Radim Tlusty
> Assignee: Gary D. Gregory
> Priority: Major
> Fix For: 2.18.0
>
>
> If the Log4j configuration file is inside of a JAR file, then the JAR file (which is backed by the {{JarURLConnection}} retrieved from {{{}URL.openConnection{}}}) isn't closed.
> This causes problems on Tomcat running on Windows during undeploying of an application, because the opened JAR file can't be deleted.
> The problem was introduced during implementation of LOG4J2-2901 (version 2.14.0), where the {{URL.openStream}} was replaced by {{URL.openConnection}} in the class {{{}org.apache.logging.log4j.core.config.ConfigurationSource{}}}.
> The proposed solution (https://github.com/apache/logging-log4j2/pull/780) is to use the {{URL.openConnection}} only when needed (~ configuration URL has HTTPS protocol), otherwise similar code as in previous versions (<= 2.13.3) would be used.
>
--
This message was sent by Atlassian Jira
(v8.20.7#820007)