0.14.0 / 2021-12-18
Yet another log4j
version update in simpleclient_log4j2
: This time to 2.16.0. Note that the log4j
dependency in simpleclient_log4j2
has scope provided
, i.e. simpleclient_log4j2
does not ship with log4j
. simpleclient_log4j2
uses whatever log4j
version the monitored application provides at runtime. Updating the log4j
dependency in simpleclient_log4j2
helps getting rid of security scanner warnings (see #733), but in order to eliminate the log4j
vulnerability you must make sure that the application you monitor ships with an up-to-date log4j
version.
Apart from the log4j
update we have a new feature:
[ENHANCEMENT] The HTTPServer
can now be configured to use SSL (#695). Thanks @dhoard.