You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jmeter.apache.org by NaveenKumar Namachivayam <ca...@gmail.com> on 2021/12/19 00:09:59 UTC

Log4j 2.17 Update

Hi Team,



Log4j 2.17 has been released for the CVE-2021-45105. Any plans to release a
minor version or, are we going to Jmeter 5.5?



Any input please?


Thanks!
‌

Re: Log4j 2.17 Update

Posted by Philippe Mouawad <p....@ubik-ingenierie.com>.

Hello,
This CVE is not as critical as previous ones, it allows denial of service
not to take control of server.
since JMeter is not a server application but more a client tool, I don’t
think there is an urgent need to release a new version.

See:
-
https://snyk.io/blog/log4j-2-16-high-severity-vulnerability-cve-cve-2021-45105-discovered/

Regards

On Sunday, December 19, 2021, NaveenKumar Namachivayam <
catchnaveen.psgtech@gmail.com> wrote:

> Hi Team,
>
>
>
> Log4j 2.17 has been released for the CVE-2021-45105. Any plans to release a
> minor version or, are we going to Jmeter 5.5?
>
>
>
> Any input please?
>
>
> Thanks!
> ‌
>

-- 
Cordialement
Philippe M.
Ubik-Ingenierie