You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Paul Spencer <pa...@mindspring.com> on 2021/12/12 18:18:13 UTC
Karaf 3.0.x "Apache Log4j Remote Code Execution Vulnerability" mitigation?
For users of Karaf 3.0.x that uses Pax Logging version 1.8.x, what is the recommended mitigation for "Apache Log4j Remote Code Execution Vulnerability", CVE-2021-44228?
Paul Spencer
Re: Karaf 3.0.x "Apache Log4j Remote Code Execution Vulnerability" mitigation?
Posted by JB Onofré <jb...@nanthrax.net>.
Hi Paul
Only log4j 2.x is only impacted, Karaf 3.0/pax logging 1.8 uses log4j 1.x so no problem.
Regards
JB
> Le 12 déc. 2021 à 19:18, Paul Spencer <pa...@mindspring.com> a écrit :
>
> For users of Karaf 3.0.x that uses Pax Logging version 1.8.x, what is the recommended mitigation for "Apache Log4j Remote Code Execution Vulnerability", CVE-2021-44228?
>
> Paul Spencer
>