[
https://issues.apache.org/jira/browse/KARAF-7292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Karthick updated KARAF-7292:
----------------------------
Labels: security vulnerability (was: )
> Karaf update needed for log4j stepup
> ------------------------------------
>
> Key: KARAF-7292
> URL: https://issues.apache.org/jira/browse/KARAF-7292
> Project: Karaf
> Issue Type: Question
> Components: karaf
> Affects Versions: 4.3.2
> Reporter: Karthick
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Labels: security, vulnerability
>
> As reported in CVE-2021-44228 regarding log4j vulnerability we are planning
> to stepup log4j to clean 2.1.50 or higher but we cannot do unless pax-logging
> is in new version 2.0.11.
>
> What is the tentative timeline in which new karaf version will be available
> with this latest pax-logging version? This info will help us in communicating
> to our customers.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
