[qos.ch-announce] Release of reload4j version 1.2.8.0

QOS.ch annoucements announce at qos.ch
Wed Jan 12 16:45:59 CET 2022 

Apologies, for the wrong subject line. It is version 1.2.18.0.

On 1/12/2022 2:59 PM, QOS.ch annoucements wrote:
> 
> Hello all,
> 
> I am very happy to announce the immediate availability of reload4j
> version 1.2.8.0. It is intended as a drop-in replacement for log4j
> version 1.2.17. By drop in, we mean the replacement of log4j.jar with
> reload4j.jar in your build with no source code changes in .java files
> being necessary.
> 
> Reload4j has the following Maven coordinates:
> 
>   <dependency>
>     <groupId>ch.qos.reload4j</groupId>
>     <artifactId>reload4j</artifactId>
>     <version>1.2.18.0</version>
>   </dependency>
> 
> Reload4j was built using Java 8 but targets Java 1.5.
> 
> Version 1.2.8.0 corrects the following issues:
> 
> The unit tests were updated but no actual code was changed except for
> the removal of NTEventAppender and the correction of the following issues:
> 
> [REL-1] Standardize and sanitize project folder structure
> [REL-2] CVE-2021-4104 (JMSAppender vulnerability)
> [REL-3] CVE-2019-17571 (de-serialization vulnerability in SocketServer
> aka CVE-2019-17571)
> [REL-4] MDC breakage in newer JDKs
> 
> Project web-site: https://reload4j.qos.ch/
> Source repository: https://github.com/qos-ch/reload4j
> Jira:  https://jira.qos.ch/
> 
> With release 1.2.8.0 we have addressed the most pressing issues
> regarding log4j 1.x vulnerabilities.
> 
> Donations and sponsorship
> 
> You can also support SLF4J/logback/reload4j projects via donations and
> sponsorship. We thank our current supporters and sponsors for their
> continued contributions.
> 
> Sponsorship link:  https://github.com/sponsors/qos-ch?o=esb
> 
> Announcement mailing list:
> 
> You can receive SLF4J/logback/reload4j related announcements by
> subscribing QOS.ch announce list, please visit the following URL.
> 
>    http://www.qos.ch/mailman/listinfo/announce
> 
> Enjoy,
> 

-- 
Ceki Gülcü

Please contact support(at)qos.ch for donations, sponsorship or support
contracts related to SLF4J/logback/reload4j projects.

More information about the announce mailing list