Actually, the Apache Directory LDAP API does *not* use Log4j at all,
being an API.
It uses SLF4J and depends on whatever logger the user selects.
On 21/12/2021 16:50, Shawn McKinney wrote:
On Dec 21, 2021, at 3:18 AM, Wartner , Steffen - SID-LRZS
<steffen.wart...@rz.smf.sachsen.de> wrote:
my name is Steffen Wartner and I'm using the Apache Directory LDAP API for one
of my projects. There are security issues with log4j (see
https://logging.apache.org/log4j/2.x/security.html) and I wanted to ask, when
the log4j Version 1.2.17 will be updated to 2.17.0 ?
Hello Steffen,
The LDAP API uses Log4j 1.2x which is not affected by the Log4Shell
(CVE-2021-44228).
Thanks
—
Shawn
---------------------------------------------------------------------
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
emmanuel.lecha...@busit.com https://www.busit.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: api-unsubscr...@directory.apache.org
For additional commands, e-mail: api-h...@directory.apache.org
