You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Remko Popma (Jira)" <ji...@apache.org> on 2021/12/15 08:54:00 UTC

[jira] [Closed] (LOG4J2-3233) Log4j 1.x.xx vulnerability assessment

     [ https://issues.apache.org/jira/browse/LOG4J2-3233?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Remko Popma closed LOG4J2-3233.
-------------------------------
    Resolution: Information Provided

> Log4j 1.x.xx vulnerability assessment
> -------------------------------------
>
>                 Key: LOG4J2-3233
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-3233
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: log4j 1.2 emulation, Log4j-to-SLF4J
>         Environment: PRODUCTION
>            Reporter: Ram Subramanian
>            Priority: Major
>         Attachments: image-2021-12-15-16-13-45-747.png
>
>
> Hi Team, 
>  
> We are running legacy decade old applications using log4j 1.2.13 and log4j 1.2.17 , log4j 1.3.xx and 1.4.xx
>  
> Question: 
> are the above older log4j 1.xx versions been impacted by the security vulnerability for log4j2 
>  
> Any help and clarity is much appreciated



--
This message was sent by Atlassian Jira
(v8.20.1#820001)