[DIRSERVER-2362] ApacheDS 2.0.0-M17 references older log4j that has security vulnerabilities - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0-M17
Fix Version/s: 2.0.0.AM27
Component/s: None
Labels:
None

Description

ApacheDS 2.0.0-M17 (apacheds-service-2.0.0-M17.jar) references older log4j version that might have security vulnerabilities.

Does ApacheDS 2.0.0-M17 log4j reference have security vulnerabilities?

Is there a newer ApacheDS version that uses newer log4j2 that resolves the security vulnerabilities?

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Michael

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Jan/22 15:21

Updated:: 25/Aug/22 14:01

Resolved:: 20/Aug/22 17:15