You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2022/10/24 14:54:00 UTC

[jira] [Commented] (JSPF-109) Please create a new version

    [ https://issues.apache.org/jira/browse/JSPF-109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17623228#comment-17623228 ] 

Benoit Tellier commented on JSPF-109:
-------------------------------------

+1

Discussed here https://www.mail-archive.com/server-dev@james.apache.org/msg72530.html

> Please create a new version
> ---------------------------
>
>                 Key: JSPF-109
>                 URL: https://issues.apache.org/jira/browse/JSPF-109
>             Project: James jSPF
>          Issue Type: Request
>            Reporter: Mark Wijnbergen
>            Priority: Major
>
> There are vulnerabilities in this project ([https://javalibs.com/artifact/org.apache.james.jspf/apache-jspf-resolver),] which are caused by Log4J, which is no longer maintained.
> I would really appreciate if a new deployment could be made based on the latest commit [https://github.com/apache/james-jspf/commit/6b12046c67d1a3edea8c226a143e86ef76fc6922] that drops Log4J, and thus should fix all vulnerabilities.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org