On 2021-12-23 08:19, Iyana Garry wrote:
Is there any confirmation that Cygwin software is not impacted by
the Apache Log4J vulnerabilities (CVE-2021-44228, CVE-2021-45046 and
CVE-2021-45105)?
Cygwin neither supports nor packages Java or log4j (Log for Java).
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple