[reload4j] State of the build - take II
Ceki Gülcü
ceki at qos.ch
Tue Jan 11 23:46:35 CET 2022
Hello all,
I am happy to report that the reload4j build is now "releasable". By
"releasable", I mean that it could be released to Maven central if so
desired.
The code is available at https://github.com/qos-ch/reload4j
It can be built with Maven using JDK 8* and targets/runs under JDK 1.5.
** Tried with 1.8.0_121-b13
All tests pass.
The tests were updated but no actual code was changed except for the
removal of NTEventAppender and fixing REL-4.
[REL-1] Standardize and sanitize project structure: Done
[REL-2] CVE-2021-4104 (JMSAppender vulnerability): Fixed
[REL-3] CVE-2019-17571 (de-serialization vulnerability in SocketServer
aka CVE-2019-17571): Will be done tomorrow
[REL-4] Fix MDC in newer JDKs: done
[REL-1] https://jira.qos.ch/browse/REL-1
[REL-2] https://jira.qos.ch/browse/REL-2
[REL-3] https://jira.qos.ch/browse/REL-3
[REL-4] https://jira.qos.ch/browse/REL-4
Please try the build and kindly provide feedback.
--
Ceki Gülcü
Please contact suppport(at)qos.ch for donations, sponsorship or support
contracts related to SLF4J or logback projects.
More information about the reload4j
mailing list