Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 6F3BD200B9A for ; Fri, 7 Oct 2016 17:36:22 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 6E2AA160AC6; Fri, 7 Oct 2016 15:36:22 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id B37D7160AE8 for ; Fri, 7 Oct 2016 17:36:21 +0200 (CEST) Received: (qmail 15603 invoked by uid 500); 7 Oct 2016 15:36:20 -0000 Mailing-List: contact log4j-dev-help@logging.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Log4J Developers List" Reply-To: "Log4J Developers List" Delivered-To: mailing list log4j-dev@logging.apache.org Received: (qmail 15578 invoked by uid 99); 7 Oct 2016 15:36:20 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 07 Oct 2016 15:36:20 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 96DFD2C2A66 for ; Fri, 7 Oct 2016 15:36:20 +0000 (UTC) Date: Fri, 7 Oct 2016 15:36:20 +0000 (UTC) From: "Jason Tedor (JIRA)" To: log4j-dev@logging.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (LOG4J2-1560) Log4j can lose exceptions when a security manager is present MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Fri, 07 Oct 2016 15:36:22 -0000 [ https://issues.apache.org/jira/browse/LOG4J2-1560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15555404#comment-15555404 ] Jason Tedor commented on LOG4J2-1560: ------------------------------------- This patch was against master for inclusion in the 2.7 release. I also [inquired|https://issues.apache.org/jira/browse/LOG4J2-1560?focusedCommentId=15459218&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15459218] in this thread about getting an immediate 2.6.3 release that included a version of this patch. I was [asked|https://issues.apache.org/jira/browse/LOG4J2-1560?focusedCommentId=15463105&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15463105] to prepare a patch against 2.6.3 for that purpose; that patch is included in LOG4J2-1563. Instead of applying that patch against 2.6.2 and releasing 2.6.3 immediately as requested, and applying this patch against master for inclusion in 2.7, for reasons not clear to me this patch was not applied anywhere, and the patch in LOG4J2-1563 was not applied against 2.6.2, but instead against master. The 2.6.3 released was never performed. > Log4j can lose exceptions when a security manager is present > ------------------------------------------------------------ > > Key: LOG4J2-1560 > URL: https://issues.apache.org/jira/browse/LOG4J2-1560 > Project: Log4j 2 > Issue Type: Bug > Components: Core > Affects Versions: 2.6.2 > Reporter: Jason Tedor > Attachments: log4j-exception-logging-issue.tar.gz, throwable-proxy-security-exception-2.6.2.patch > > > When Log4j is rendering an exception, it can attempt to load classes that it does not have permissions to load when a security manager is present. > I have a patch and a failing test case for this; I will submit it shortly. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: log4j-dev-unsubscribe@logging.apache.org For additional commands, e-mail: log4j-dev-help@logging.apache.org