You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Michael (Jira)" <ji...@apache.org> on 2022/08/22 14:41:00 UTC

[jira] [Commented] (DIRSERVER-2362) ApacheDS 2.0.0-M17 references older log4j that has security vulnerabilities

    [ https://issues.apache.org/jira/browse/DIRSERVER-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17583012#comment-17583012 ] 

Michael commented on DIRSERVER-2362:
------------------------------------

Hi Emmanuel,

Do you know when ApacheDS 2.0.0.AM27 will be released?  Thank you.

> ApacheDS 2.0.0-M17 references older log4j that has security vulnerabilities
> ---------------------------------------------------------------------------
>
>                 Key: DIRSERVER-2362
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2362
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M17
>            Reporter: Michael
>            Priority: Major
>             Fix For: 2.0.0.AM27
>
>
> ApacheDS 2.0.0-M17 (apacheds-service-2.0.0-M17.jar) references older log4j version that might have security vulnerabilities.  
> Does ApacheDS 2.0.0-M17 log4j reference have security vulnerabilities?
> Is there a newer ApacheDS version that uses newer log4j2 that resolves the security vulnerabilities?
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org