Reload4j

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages) The topic of this article may not meet Wikipedia's notability guidelines for products and services. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Reload4j" – news · newspapers · books · scholar · JSTOR (January 2022) (Learn how and when to remove this message) This article does not cite any sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Reload4j" – news · newspapers · books · scholar · JSTOR (January 2022) (Learn how and when to remove this message) This article has no links to other Wikipedia articles. Please help improve this article by adding links that are relevant to the context within the existing text. (January 2022) This article provides insufficient context for those unfamiliar with the subject. Please help improve the article by providing more context for the reader. (January 2022) (Learn how and when to remove this message) (Learn how and when to remove this message)

It has been suggested that this article be merged into Log4j. (Discuss) Proposed since January 2022.

Reload4j ^[1] was created by the original author of log4j 1.x, Ceki Gulcu. Reload4j is a fork of log4j version 1.2.17. It preserves the same java name space, that is "org.apache.log4j". However, is is published under the "ch.qos.reload4j" group id in Maven Central.

The aim of the reload4j project is to provide a migration path to those users wishing to correct log4j 1.x security issues. For many companies this is a requirement by the FTC^[2]. Upgrading to a newer version of log4j 1.x is not possible since the project has been declared EOL ^[3] by the Apache Software Foundation. This decision was reaffirmed in 2022^[4]. Moreover, log4j 2.x has a considerably different API and configuration style.

Reload4j fixes the following vulnerabilities:

• CVE-2021-4104^[5]
• CVE-2019-17571^[6]

Version 1.2.8.0 of reload4j was released on January the 12th, 2022 and is available for public consumption.

Subsequently, the SLF4J project has released SLF4J version 1.7.33^[7] with support for reload4j via the slf4j-reload4j module.^[8]

This redirect has not been added to any content categories. Please help out by adding categories to it so that it can be listed with similar redirects, in addition to a stub category. (January 2022)

This computer-programming-related article is a stub. You can help Wikipedia by expanding it.

• v
• t
• e