You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ant.apache.org by bu...@apache.org on 2021/12/13 12:59:32 UTC

[Bug 65747] Impact of CVE-2021-44228 on Apache Ant

https://bz.apache.org/bugzilla/show_bug.cgi?id=65747

Stefan Bodewig <bo...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Stefan Bodewig <bo...@apache.org> ---
Ant does not use log4j2.x at all and never has.

In theory somebody could set up the completely depreacted log4j 1.x listener to
use log4j2 and the bridge, but this is way outside of what Ant does out of the
box.

BTW, Bugzilla is not the best place to ask questions about Ant.

-- 
You are receiving this mail because:
You are the assignee for the bug.