Hello, Considering the following CVE @ https://www.ncsc.gov.uk/news/apache-log4j-vulnerability
/deployments/james-server-app-3.6.0/conf/log4j2.xml /deployments/james-server-app-3.6.0/lib/log4j-api-2.14.0.jar /deployments/james-server-app-3.6.0/lib/log4j-core-2.14.0.jar /deployments/james-server-app-3.6.0/lib/log4j-slf4j-impl-2.14.0.jar What are the plans for mitigating this from Apache James Perspective ? Or is this a non issue ? amlan --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to https://www.db.com/disclosures for additional EU corporate and regulatory disclosures and to http://www.db.com/unitedkingdom/content/privacy.htm for information about privacy. --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
