You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sling.apache.org by ro...@apache.org on 2021/12/17 12:26:20 UTC

[sling-site] branch master updated: log4shell: fix log4j affected versions

This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-site.git


The following commit(s) were added to refs/heads/master by this push:
     new 4bd6299  log4shell: fix log4j affected versions
4bd6299 is described below

commit 4bd6299b3f64f5758d3b86a9e63c5fc7fe9b4eda
Author: Robert Munteanu <ro...@apache.org>
AuthorDate: Fri Dec 17 13:26:03 2021 +0100

    log4shell: fix log4j affected versions
---
 src/main/jbake/content/security/log4shell.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/jbake/content/security/log4shell.md b/src/main/jbake/content/security/log4shell.md
index 6f72668..ac1af52 100644
--- a/src/main/jbake/content/security/log4shell.md
+++ b/src/main/jbake/content/security/log4shell.md
@@ -6,7 +6,7 @@ tableOfContents=false
 ~~~~~~
 
 On 9th December 2021, a new zero-day vulnerability for [Apache Log4j 2](https://logging.apache.org/log4j/2.x/index.html) was reported. It is tracked under [CVE-2021-44228](
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) and affects Log4j versions from 2.0.1 (inclusive) to 2.15.0
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) and affects Log4j versions from 2.0-beta9 (inclusive) to 2.15.0
 (exclusive). It is also known under the *Log4Shell* name.
 
 Apache Sling modules use the [Simple Logging Facade for Java](http://www.slf4j.org) (slf4j) for logging, backed by the [Sling Commons Log