You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jmeter.apache.org by NaveenKumar Namachivayam <ca...@gmail.com> on 2021/12/19 00:09:59 UTC
Log4j 2.17 Update
Hi Team,
Log4j 2.17 has been released for the CVE-2021-45105. Any plans to release a
minor version or, are we going to Jmeter 5.5?
Any input please?
Thanks!
Re: Log4j 2.17 Update
Posted by Philippe Mouawad <p....@ubik-ingenierie.com>.
Hello,
This CVE is not as critical as previous ones, it allows denial of service
not to take control of server.
since JMeter is not a server application but more a client tool, I don’t
think there is an urgent need to release a new version.
See:
-
https://snyk.io/blog/log4j-2-16-high-severity-vulnerability-cve-cve-2021-45105-discovered/
Regards
On Sunday, December 19, 2021, NaveenKumar Namachivayam <
catchnaveen.psgtech@gmail.com> wrote:
> Hi Team,
>
>
>
> Log4j 2.17 has been released for the CVE-2021-45105. Any plans to release a
> minor version or, are we going to Jmeter 5.5?
>
>
>
> Any input please?
>
>
> Thanks!
>
>
--
Cordialement
Philippe M.
Ubik-Ingenierie