[jira] [Commented] (AMQ-8433) Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228

Justin Bertram (Jira) Tue, 14 Dec 2021 13:04:12 -0800


    [ 
https://issues.apache.org/jira/browse/AMQ-8433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459484#comment-17459484
 ]


Justin Bertram commented on AMQ-8433:
-------------------------------------

See https://activemq.apache.org/news/cve-2021-44228.

> Request for a formal response from Active MQ regarding Log4j vulnerability 
> against CVE-2021-44228
> -------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-8433
>                 URL: https://issues.apache.org/jira/browse/AMQ-8433
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 5.15.15
>            Reporter: Imran Ali
>            Priority: Major
>
> Hi Guys, 
> Active MQ is still using Log4j v1 and although its not directly impacted by 
> the vulnerability CVE-2021-44228 we are getting follow up questions from the 
> customers on what is the formal timeline for Active MQ to transitioned to the 
> latest version of log4j.
> Can you please let us know what are the plans regarding this. 
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (AMQ-8433) Request for a formal response from Active MQ regarding Log4j vulnerability against CVE-2021-44228

Reply via email to