log4j vulnerability

6 views

Skip to first unread message

Alina Mikhailova

unread,

Dec 17, 2021, 9:52:33 AM12/17/21

to apollo

Dear Apollo developers,

I have a question regarding the log4j library. Webapollo seems to use log4j 1.x which can be affected by a vulnerability depending on the configuration. Is Apollo affected by that? And do you plan to upgrade to the latest version of log4j?

Thanks,

Alina

Helena Rasche

unread,

Dec 17, 2021, 1:04:11 PM12/17/21

to Alina Mikhailova, apollo

There's some discussion https://github.com/GMOD/Apollo/issues/2640 here if it helps!

Ciao,

Helena

--
To unsubscribe from this group and stop receiving emails from it, send an email to apollo+un...@lbl.gov.

Reply all

Reply to author

Forward

0 new messages