Forum Discussion

oneagh
New Contributor
2 months ago

Log4j vulnerability (CVE-2025-68161)

Hi everyone,

I’ve tested the latest version of SoapUI (v5.9.1) and noticed that it is still using Log4j v2.17.1.

Could you please confirm whether there are plans to upgrade the Log4j component to a newer version, and if so, whether an estimated timeline is available?

Thank you!

4 Replies

  • Hi Oneagh, 

    I raised this with the team and we will be addressing this in the next SoapUI release, 5.10.0.

    Appreciate you raising this. We can't provide a timeline, but rest assured it will be included.

    Cheers,

    Yousaf

      Securebear532
      New Contributor

      Hi Yousaf!
      What mitigation would you recommend for version 5.9.1 regarding this issue? 

  • Hi!

    I need an update regarding both a timeline for the update and mitigation actions for version 5.9.1. Please get back to me with this information.

      yousaf
      Staff

      Hi,

      Sorry for the late reply,

      If you are in a position to build SoapUI from source, then you can apply the changes in this pull request, which will address the issue and will be included in the next release:

      https://github.com/SmartBear/soapui/pull/886

      This