BigBlueButton is not vulnerable to CVE-2021-44228 (log4j)

277 views

Skip to first unread message

Fred Dixon

unread,

Dec 13, 2021, 12:47:48 PM12/13/21

to BigBlueButton-dev

Hi everyone,

This is a message on behalf of the BigBlueButton core development team.

We've looked through the code base and concluded we are not vulnerable to the log4j exploit in BigBlueButton 2.2, 2.3, and 2.4.

See

https://groups.google.com/g/bigbluebutton-dev/c/hXrvzYPk7JU

Also, 2.2 is now on an older version of Ubuntu and we strongly recommend that anyone still on that older release to upgrade to 2.3, or (the soon to be released) 2.4.

Regards,.. Fred

BigBlueButton Developer

http://bigbluebutton.org/

Like BigBlueButton? Tweet us at @bigbluebutton

Reply all

Reply to author

Forward

0 new messages