log4j vulnerability

4 views
Skip to first unread message

Alina Mikhailova

unread,
Dec 17, 2021, 9:52:33 AM12/17/21
to apollo
Dear Apollo developers,

I have a question regarding the log4j library. Webapollo seems to use log4j 1.x which can be affected by a vulnerability depending on the configuration. Is Apollo affected by that? And do you plan to upgrade to the latest version of log4j?

Thanks,
Alina

Helena Rasche

unread,
Dec 17, 2021, 1:04:11 PM12/17/21
to Alina Mikhailova, apollo
There's some discussion https://github.com/GMOD/Apollo/issues/2640 here if it helps!

Ciao,
Helena

--
To unsubscribe from this group and stop receiving emails from it, send an email to apollo+un...@lbl.gov.
Reply all
Reply to author
Forward
0 new messages