You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Imran Ali (Jira)" <ji...@apache.org> on 2021/12/13 22:25:00 UTC

[jira] [Created] (AMQ-8433) Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228

Imran Ali created AMQ-8433:
------------------------------

             Summary: Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228
                 Key: AMQ-8433
                 URL: https://issues.apache.org/jira/browse/AMQ-8433
             Project: ActiveMQ
          Issue Type: Bug
          Components: Documentation
    Affects Versions: 5.15.15
            Reporter: Imran Ali


Hi Guys, 

Active MQ is still using Log4j v1 and although its not directly impacted by the vulnerability CVE-2021-44228 we are getting follow up questions from the customers on what is the formal timeline for Active MQ to transitioned to the latest version of log4j.

Can you please let us know what are the plans regarding this. 

 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)