You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2021/12/14 12:25:00 UTC
[jira] [Commented] (JAMES-3685) upgrade to log4j 2.16.0
[ https://issues.apache.org/jira/browse/JAMES-3685?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459114#comment-17459114 ]
Benoit Tellier commented on JAMES-3685:
---------------------------------------
According to Log4J 2.16.0 release notes...
{code:java}
While this change is recommended, it is NOT
required to fix CVE-2021-44228.
{code}
-> Nice to have!
> upgrade to log4j 2.16.0
> -----------------------
>
> Key: JAMES-3685
> URL: https://issues.apache.org/jira/browse/JAMES-3685
> Project: James Server
> Issue Type: Improvement
> Components: James Core
> Reporter: PJ Fanning
> Priority: Major
>
> https://mail-archives.apache.org/mod_mbox/www-announce/202112.mbox/%3CCACmp6ko9BevS%2BdKLPRon1sC9Aiz%3Ded7S1qpuqmE8c8U8Wr2u7Q%40mail.gmail.com%3E
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org