You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Volkan Yazici (Jira)" <ji...@apache.org> on 2022/05/02 21:11:00 UTC

[jira] [Updated] (LOG4J2-3423) JAR file containing Log4j configuration isn't closed

     [ https://issues.apache.org/jira/browse/LOG4J2-3423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Volkan Yazici updated LOG4J2-3423:
----------------------------------
    Fix Version/s: 2.18.0
                       (was: 2.17.3)

> JAR file containing Log4j configuration isn't closed
> ----------------------------------------------------
>
>                 Key: LOG4J2-3423
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3423
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 2.14.0
>         Environment: Windows
>            Reporter: Radim Tlusty
>            Assignee: Gary D. Gregory
>            Priority: Major
>             Fix For: 2.18.0
>
>
> If the Log4j configuration file is inside of a JAR file, then the JAR file (which is backed by the {{JarURLConnection}} retrieved from {{{}URL.openConnection{}}}) isn't closed.
> This causes problems on Tomcat running on Windows during undeploying of an application, because the opened JAR file can't be deleted.
> The problem was introduced during implementation of LOG4J2-2901 (version 2.14.0), where the {{URL.openStream}} was replaced by {{URL.openConnection}} in the class {{{}org.apache.logging.log4j.core.config.ConfigurationSource{}}}.
> The proposed solution (https://github.com/apache/logging-log4j2/pull/780) is to use the {{URL.openConnection}} only when needed (~ configuration URL has HTTPS protocol), otherwise similar code as in previous versions (<= 2.13.3) would be used.
>  



--
This message was sent by Atlassian Jira
(v8.20.7#820007)