You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/11/04 07:52:00 UTC

[jira] [Closed] (JSPF-109) Please create a new version

     [ https://issues.apache.org/jira/browse/JSPF-109?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benoit Tellier closed JSPF-109.
-------------------------------
    Resolution: Fixed

The release happened today.

Wait the weekend for maven dependencies to propagate ;-)

> Please create a new version
> ---------------------------
>
>                 Key: JSPF-109
>                 URL: https://issues.apache.org/jira/browse/JSPF-109
>             Project: James jSPF
>          Issue Type: Request
>            Reporter: Mark Wijnbergen
>            Priority: Major
>
> There are vulnerabilities in this project ([https://javalibs.com/artifact/org.apache.james.jspf/apache-jspf-resolver),] which are caused by Log4J, which is no longer maintained.
> I would really appreciate if a new deployment could be made based on the latest commit [https://github.com/apache/james-jspf/commit/6b12046c67d1a3edea8c226a143e86ef76fc6922] that drops Log4J, and thus should fix all vulnerabilities.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org