You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2021/12/14 21:05:00 UTC
[jira] [Closed] (AMQ-8433) Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228
[ https://issues.apache.org/jira/browse/AMQ-8433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram closed AMQ-8433.
-------------------------------
Resolution: Information Provided
Also, it's worth noting that questions like this should be directed to the [ActiveMQ Users mailing list|https://activemq.apache.org/contact].
> Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228
> -------------------------------------------------------------------------------------------------
>
> Key: AMQ-8433
> URL: https://issues.apache.org/jira/browse/AMQ-8433
> Project: ActiveMQ
> Issue Type: Bug
> Components: Documentation
> Affects Versions: 5.15.15
> Reporter: Imran Ali
> Priority: Major
>
> Hi Guys,
> Active MQ is still using Log4j v1 and although its not directly impacted by the vulnerability CVE-2021-44228 we are getting follow up questions from the customers on what is the formal timeline for Active MQ to transitioned to the latest version of log4j.
> Can you please let us know what are the plans regarding this.
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)