Hi; You recently contacted the Apache security team. As explained in [1], the e-mail address you used should only be used for reporting undisclosed security vulnerabilities in Apache products and managing the process of fixing such vulnerabilities. Your e-mail does not meet that criteria.
You may wish read some information on how the ASF works [2] before contacting the appropriate project(s) with your enquiry via the appropriate channel for each project. The Apache security team is unlikely to respond to further messages regarding this topic. The Apache security team [1] http://www.apache.org/security/ [2] http://apache.org/foundation/how-it-works.html On Tue, Dec 14, 2021 at 12:54 PM Patil, Dipak (Pune) < dipak.pat...@fiserv.com> wrote: > Hello Apache Team, > > > > Greetings from Fiserv!!! > > > > This is with reference to Apache Log4j CVE-2021-44228 vulnerability. We > are using multiple jars as mentioned below on our multiple products. > > > > For all these Jars we would like to know if these are impacted by Log4j > CVE-2021-44228 vulnerability and if yes then expected ETA for remediation > and availability of updated jar. > > > > Appreciate your response with update on the last 2 columns. > > > > *JAR name* > > *JAR Version* > > *Is Vulnerable?* > > *ETA for FIX?* > > resolver.jar > > 2.9.1 > > > > > > xercesImpl.jar > > 2.12.1 > > > > > > axis.jar > > 1.4 > > > > > > commons-collections > > 3.2 > > > > > > commons-Collections4.jar > > 4.1 > > > > > > commons-digester.jar > > 1.6 > > > > > > commons-io > > 2.7 > > > > > > Commons-io.jar > > 2.8.0 > > > > > > commons-lang.jar > > 2.5 > > > > > > commons-lang3.jar > > 3.8.1 > > > > > > commons-logging.jar > > 1.1.1 > > > > > > commons-validator.jar > > 1.2.0 > > > > > > jackson-annotations.jar > > 2.9.4 > > > > > > Jakarta oro.jar > > 2.0.7 > > > > > > jakarta-oro-2.0.8 > > 2.0.8 > > > > > > jdom2 > > 2.0.6 > > > > > > owasp-java-html-sanitizer > > 20200713.1 > > > > > > Recordio.jar > > - > > > > > > spring-aop.jar > > 5.2.7 > > > > > > spring-core, spring-context,spring-beans > > 5.2.7 > > > > > > taglibs-standard-jstlel > > 1.2.5 > > > > > > xml-apis.jar > > 1.4.01 > > > > > > xml-apis.jar > > 2.5.0 > > > > > > xmlParserApis > > 2.5.0 > > > > > > > > > > Thanks & Regards, > > *Dipak Patil* > Sr. Manager, Software Development > Fiserv Global Services | Financial & Risk Management Solutions > > Mobile: +91-9766784964 > > > *Fiserv* > *Helping Small Businesses Get** Back2Business > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_RZ22cy4q6bM8_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=CcleTW48A9onwIZ8iFTzfJoxOF9Hc5wyTP4dM3Jq0fI&e=>* > Fiserv > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_X677F3dKx8Tx_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=fZNUC5ih9Ox4L27ZSa9a93JTa49_fJ5rumBU-gw60ZU&e=> > | Join Our Team > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_j9LLfXwgErFR_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=E7R01NkwndsmoJ-PZoiUPeKWk8rY9BTfKRPTTxE0Kw8&e=> > | Twitter > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_bxXXB-2DpG2wfb_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=3y-WMFmPI8uEaGaOQgso0l-RZ91VuIv0UrIiInznKEw&e=> > | LinkedIn > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_z9-5F-5FfAx8R-7EBm_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=Q61USL3F_T_KT15_VUrZEYj4RNrcKQXrJQfIIJT5NgY&e=> > | Facebook > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_ebwwFvy-7EgkQ7_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=TN-WHQH38jACIJp2JU6IGSxAUU5M4k5LtJczIaBoN7s&e=> > FORTUNE *World's Most Admired Companies®* > 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 > > © 2021 Fiserv Inc. or its affiliates. Fiserv is a registered trademark of > Fiserv Inc. Privacy Notice > <https://urldefense.proofpoint.com/v2/url?u=http-3A__links.mkt030.com_els_v2_w-5F33sEW2jps3_UVZtWHM1elJtdTU4UVBNL0JVcGgyVXZNcEoxMnNWR3lPbERrU2c1eW93dFU2N2VMZnB3bjU2T09SL0IwaDVJbDhKWUVlUitseEhvK0RYdVdIS2c3YUdjZGpSZFEwT3pvd25adm51QVNsemc9S0_&d=DwMFaQ&c=rE3mhBYFJfJGqQ7WI0-DPw&r=GKI0C3ftOzv3wlDYOrUb3GQEG-D4bX0X-0hj_zc4zug&m=tLZp9B4LvaBgHppw7aXKOyoktvj2YGOFxM4mAswOiN0&s=y4oAJx7X-sCjAmZYwrwHCP22qv8fqneje9sJ_LtLqjg&e=> > © 2021 Fortune Media IP Limited. Used under license. > > >