garydgregory commented on pull request #608: URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-990070794
> > Is it a security vulnerability? > > I think it is. > > It is very surprising that this critical security issue does not seem to have received due attention. It was reported to Apache half a month ago, but it was not fixed until five days ago. Even today, it has not released a new stable version to solve it. Oh so glad you show such appreciation for the work of volunteers... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
