GitHub

log4j 1.2: Hybrid Maven/Ant build stuff - antrun ant junit tests breaking - MinimumTestCase failed

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-antrun-plugin:1.8:run (runAll) on project log4j: An Ant BuildException has occured: The following error ...
GitHub

log4j 1.2.15: "assembly descriptor filesystem-root relative reference" warning under maven-assembly-plugin 2.6

When I bumped maven-assembly-plugin from 2.2.2 to 2.6, I started getting this warning. [INFO] --- maven-assembly-plugin:2.6:assembly (default-cli) @ log4j --- [INFO] Reading assembly descriptor: ...
InfoQ

Apache Log4j 2.0 - Worth the Upgrade?

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Dark Reading

The Log4j Flaw Will Take Years to Be Fully Addressed

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly and will require coordination between different project teams to address the flaw. A ...
Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
ZDNet

After Log4j, White House fears the next big open source vulnerability

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...