2.9.1 (2017-09-17)

This release contains bugfixes and minor enhancements.

As of Log4j 2.9.0, the Log4j API was modified to use java.util.ServiceLoader to locate Log4j implementations, although the former binding mechanism is still supported. The Log4j JAR is now a multi-release JAR to provide implementations of the Java 9 specific classes. Multi-release JARs are not supported by the OSGi specification so OSGi modules will not be able to take advantage of these implementations but will not lose functionality as they will fall back to the implementations used in Java 7 and 8. More details on the new features and fixes are itemized below.

Note that subsequent to the 2.9.0 release, for security reasons, SerializedLayout is deprecated and no longer used as default in the Socket and JMS appenders. SerializedLayout can still be used as before, but has to be specified explicitly. To retain old behaviour, you have to change configuration like:

  <Socket name="socket" host="localhost" port="9500"/>


  <Socket name="socket" host="localhost" port="9500">

We do, however, discourage the use of SerializedLayout and recommend JsonLayout as a replacement:

  <Socket name="socket" host="localhost" port="9500">
    <JsonLayout properties="true"/>

Note that subsequent to the 2.9.0 release, for security reasons, Log4j does not process DTD in XML files. If you used DTD for including snippets, you have to use XInclude or Composite Configuration instead.

The Log4j 2.9.1 API, as well as many core components, maintains binary compatibility with previous releases.

Log4j 2.9.1 requires a minimum of Java 7 to build and run. Log4j 2.3 was the last release that supported Java 6.

Basic compatibility with Log4j 1.x is provided through the log4j-1.2-api component, however it does not implement some of the very implementation specific classes and methods. The package names and Maven groupId have been changed to org.apache.logging.log4j to avoid any conflicts with Log4j 1.x.

For complete information on Apache Log4j 2, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Log4j 2 website.



  • Use a class' canonical name instead of name to create its logger name. (for LOG4J2-2023 by Gary Gregory)

  • Update Jackson from 2.9.0 to 2.9.1 (fix for Java 9.) (for LOG4J2-2043 by Gary Gregory)

  • Update Apache Commons CSV from 1.4 to 1.5. (for LOG4J2-2044 by Gary Gregory)

  • Update javax.mail from 1.5.6 to 1.6.0. (for LOG4J2-2045 by Gary Gregory)

  • Update Apache Commons Compress from 1.13 to 1.14. (for LOG4J2-2046 by Gary Gregory)

  • Update Cassandra driver from 3.1.0 to 3.1.4. (for LOG4J2-2047 by Gary Gregory)

  • Update Apache Kafka Client from to (for LOG4J2-2049 by Gary Gregory)


  • Prevent ConcurrentModificationException with AsyncLoggerConfig. (for LOG4J2-1914 by Remko Popma)

  • ClassNotFoundException when making all loggers asynchronous under OSGi environment. (for LOG4J2-1936 by Gary Gregory, Helber Belmiro)

  • Prevent ConcurrentModificationException with AsyncLoggerConfig. (for LOG4J2-1988 by Remko Popma)

  • java.lang.AbstractMethodError: javax.xml.parsers.DocumentBuilderFactory.setFeature(). (for LOG4J2-2026 by Gary Gregory, Leon Finker)

  • Java 9 StackLocator was not properly skipping the initial stack frames. (for LOG4J2-2028 by Ralph Goers, Jason Tedor)

  • Marker examples should not use deprecated flow APIs. (for LOG4J2-2029 by Gary Gregory, Fabrizio Cucci)

  • Inspect all known ClassLoaders to locate the service provider. (for LOG4J2-2030 by Ralph Goers)

  • Fix documentation to clarify disruptor-3.3.4 is now required for async loggers (previously the docs referred to disruptor-3.3.3 which was never released). (for LOG4J2-2035 by Remko Popma)

  • Increase default queue size for AsyncAppender from 128 to 1024. (for LOG4J2-2048 by Remko Popma)