You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2021/12/14 21:05:00 UTC

[jira] [Closed] (AMQ-8433) Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228

     [ https://issues.apache.org/jira/browse/AMQ-8433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Bertram closed AMQ-8433.
-------------------------------
    Resolution: Information Provided

Also, it's worth noting that questions like this should be directed to the [ActiveMQ Users mailing list|https://activemq.apache.org/contact].

> Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228
> -------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-8433
>                 URL: https://issues.apache.org/jira/browse/AMQ-8433
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 5.15.15
>            Reporter: Imran Ali
>            Priority: Major
>
> Hi Guys, 
> Active MQ is still using Log4j v1 and although its not directly impacted by the vulnerability CVE-2021-44228 we are getting follow up questions from the customers on what is the formal timeline for Active MQ to transitioned to the latest version of log4j.
> Can you please let us know what are the plans regarding this. 
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)