Skip to content

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Aug 19, 2025

Updated log4net from 2.0.6 to 2.0.17.

Release notes

Sourced from log4net's releases.

2.0.17

Apache log4net 2.0.17 addresses reported issues:

Bug fixes

Complete diff

2.0.16

A big thanks to @​FreeAndNil for doing all the hard work of collating changes.

Bug fixes

Enhancements

2.0.15

Attention: .NET 3.5 Client Profile is no longer supported. I'm really sorry, I've tried to keep as many of the legacy targets available as possible, but after spending another 4 or so hours trying to get net35-client to build on any machine, I've given up - as far as I'm aware, this should only affect Windows XP clients. I'm afraid 2.0.14 was the end of the road for you. Apache log4net 2.0.15 addresses reported issues:

Bug fixes

  • Improper usage of xml namespacing for netfx targets after a netstandard update ( LOG4NET-685, related LOG4NET-683)
  • Locking hashtables during write in RenderMap calls to make them thread-safe ( LOG4NET-646)
  • An issue where RollingFilAppender would sometimes overwrite files instead of rolling them ( LOG4NET-672)

Enhancements

2.0.14

  • Pull request by @​NicholasNoise to address issues with logging via ado appender to PostgreSQL
  • Community request to correctly handle null data in ReadOnlyPropertiesDictionary
  • Pull request by @​erikmav to use the numeric thread id for .net worker pool threads (LOG4NET-680)
  • Pull request by @​erikmav to dispose of WindowsIdentity retrieved in TryGetCurrentUserName() (LOG4NET-671)

2.0.13

Some minor updates:

This is essentially the same release as rc-1, with the artifacts updated so that unzipping them won't scatter files in the target.

2.0.12

  • Fixes LOG4NET-(652|653)
  • Should resolve issues with PlatformNotSupported exceptions raised on !win32 when attempting to include the current user name in logs.

Full Changelog: apache/logging-log4net@rel/2.0.11...rel/2.0.12

2.0.11

What's Changed

Full Changelog: apache/logging-log4net@rel/2.0.10...rel/2.0.11

2.0.10

Apache log4net 2.0.10 improves netstandard2.0 support thanks to community member @​NicholasNoise.

What's Changed

  • [LOG4NET-575] Addresses CVE-2018-1285 by cherry-picking the fix from Dominik Psenner, reported by Karthik Balasundaram, as it already existed in the the develop branch

Full Changelog: apache/logging-log4net@rel/2.0.9...rel/2.0.10

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---
updated-dependencies:
- dependency-name: log4net
  dependency-version: 2.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Aug 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants