On Thu, Dec 16, 2021 at 10:18 PM Enrico Olivelli wrote:
>
> +1
>
> Especially if we have to deliver the upgrade of log4j2
BK 4.14 is including log4j 1.2.x, which has other vulnerabilities,
though not the log4shell one.
+1
Best,
Hang
Enrico Olivelli 于2021年12月17日周五 14:18写道:
>
> +1
>
> Especially if we have to deliver the upgrade of log4j2
>
> We should also consider to send to EOL other release lines
>
> Enrico
>
> Il Ven 17 Dic 2021, 05:40 Sijie Guo ha scritto:
>
> > +1
> >
> > On Tue, Dec 14, 2021 at 6:35 AM
+1
Especially if we have to deliver the upgrade of log4j2
We should also consider to send to EOL other release lines
Enrico
Il Ven 17 Dic 2021, 05:40 Sijie Guo ha scritto:
> +1
>
> On Tue, Dec 14, 2021 at 6:35 AM Matteo Merli wrote:
>
> > There are few fixes in the 4.14 that would be good to
+1
On Tue, Dec 14, 2021 at 6:35 AM Matteo Merli wrote:
> There are few fixes in the 4.14 that would be good to release soon.
>
> Given that the timeline for 4.15 can be quite long, I'd propose to
> release one more patch release right now.
>
> Let me know if there are other fixes to include.
>
>
