You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2021/12/14 12:25:00 UTC

[jira] [Commented] (JAMES-3685) upgrade to log4j 2.16.0

    [ https://issues.apache.org/jira/browse/JAMES-3685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459114#comment-17459114 ] 

Benoit Tellier commented on JAMES-3685:
---------------------------------------

According to Log4J 2.16.0 release notes...


{code:java}
While this change is recommended, it is NOT
required to fix CVE-2021-44228.
{code}

-> Nice to have!


> upgrade to log4j 2.16.0
> -----------------------
>
>                 Key: JAMES-3685
>                 URL: https://issues.apache.org/jira/browse/JAMES-3685
>             Project: James Server
>          Issue Type: Improvement
>          Components: James Core
>            Reporter: PJ Fanning
>            Priority: Major
>
> https://mail-archives.apache.org/mod_mbox/www-announce/202112.mbox/%3CCACmp6ko9BevS%2BdKLPRon1sC9Aiz%3Ded7S1qpuqmE8c8U8Wr2u7Q%40mail.gmail.com%3E



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org