https://bz.apache.org/bugzilla/show_bug.cgi?id=65748
Ren <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|FIXED |--- Status|RESOLVED |REOPENED --- Comment #6 from Ren <[email protected]> --- more vulnerability vahe been detected in log4j2 <= 2.16.0 (CVE-2021-45105, CVE-2021-45046). So the minimum version of the log4j2 library should be 2.17.0. -- You are receiving this mail because: You are the assignee for the bug.
