[DOXIA-610] Update doxia-module-fo to not use log4j - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Dependency upgrade
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.9.1
Fix Version/s: 1.10
Component/s: Module - FO
Labels:
None

Description

This is critical for a release. The version of log4j is 1.2.17 and contains the following security risk:

This should be updated to use org.apache.logging.log4j:log4j-core:2.13.2

Attachments

Issue Links

links to

GitHub Pull Request #37

Activity

People

Assignee:: Sylwester Lachiewicz

Reporter:: John Burnham

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 10/Jun/20 17:52

Updated:: 20/Aug/20 07:45

Resolved:: 20/Aug/20 07:45