Hi,
We don’t include log4j.
Thanks
-Original Message-
From: Bryan K. Walton
Sent: 13 December 2021 14:41
To: fop-users@xmlgraphics.apache.org
Subject: Is FOP impacted by the Log4shell vulnerability?
Hi, is Apache FOP susceptible to the Log4shell vulnerability that is making
Hi, is Apache FOP susceptible to the Log4shell vulnerability that is
making the rounds right now?
Thanks!
Bryan Walton
-
To unsubscribe, e-mail: fop-users-unsubscr...@xmlgraphics.apache.org
For additional commands, e-mail:
mber 2021 16:40To: fop-users@xmlgraphics.apache.org
> Subject: Re: Is FOP impacted by the Log4shell vulnerability?
> Hi all,
> I'm using FOP from my application but in command mode (just launching
> fop.bat or through powsershell). The swiss government IT asks me if
> my application co
Hi,
The binary/zip release doesn’t include log4j, for maven you should check mvn
dependency:tree
Thanks
-Original Message-
From: Jean-Pierre Lamon
Sent: 13 December 2021 16:40
To: fop-users@xmlgraphics.apache.org
Subject: Re: Is FOP impacted by the Log4shell vulnerability?
Hi all
Hi all,
I'm using FOP from my application but in command mode (just launching
fop.bat or through powsershell). The swiss government IT asks me if my
application could be vulnerable. What must be my response?
My future in jail or not depends on your response ;-)
Thx
JP
Le 13.12.2021 à
On Mon, Dec 13, 2021 at 03:02:22PM +, Matt Kynaston wrote:
> >From what I can tell (I just use the library) it doesn't depend on log4j
> itself. However, given that the library is typically included in other
> applications and that may well use a vulnerable version, your best bet is
> to check
>From what I can tell (I just use the library) it doesn't depend on log4j
itself. However, given that the library is typically included in other
applications and that may well use a vulnerable version, your best bet is
to check the actual jars / wars with a tool like at
Hi, is Apache FOP susceptible to the Log4shell vulnerability that is
making the rounds right now?
Thanks!
Bryan Walton
-
To unsubscribe, e-mail: fop-users-unsubscr...@xmlgraphics.apache.org
For additional commands, e-mail: