Log4j CVE-2021-44228

Use this forum to report bugs and to check for bugfixes and new releases of OpenEMM

Moderator: moderator

Post Reply
AndreasT
Posts: 8
Joined: Tue Oct 05, 2021 3:02 pm

Log4j CVE-2021-44228

Post by AndreasT »

Is OpenEMM affected by the Log4j vulnerability the BSI has reported the last days?
Top
maschoff
Site Admin
Posts: 2622
Joined: Thu Aug 03, 2006 10:20 am
Location: Munich, Germany
Contact:
Contact maschoff

Re: Log4j CVE-2021-44228

Post by maschoff »

No
OpenEMM Maintainer
Top
nhondong
Posts: 14
Joined: Tue May 04, 2021 3:39 pm

Re: Log4j CVE-2021-44228

Post by nhondong »

Hi,

is there any official Statement with more information to this Bulletin?
openemm uses log4j in the affected Version. (1.2)

Please tell us why openemm is not affected.

Thanks.

Nils
Top
maschoff
Site Admin
Posts: 2622
Joined: Thu Aug 03, 2006 10:20 am
Location: Munich, Germany
Contact:
Contact maschoff

Re: Log4j CVE-2021-44228

Post by maschoff »

Because OpenEMM does not use the JMSAppender of Log4j1.
OpenEMM Maintainer
Top
Post Reply

Return to “Bugs, bug fixes & releases”