[Info-vax] Java, log4j, log4shell, and OpenVMS: CVE-2021-44228
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Thu Dec 16 21:15:52 EST 2021
On 2021-12-16 22:47:28 +0000, Craig A. Berry said:
> Note that log4j 2.16.0 has now been released to fix vulnerabilities
> still present in the 2.15.0 released a few days ago, and many of the
> mitigations published in the last week are now considered inadequate:
Y'all want log4j 2.17 now, and not 2.16.
https://issues.apache.org/jira/browse/LOG4J2-3230
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list