Question #699868 on SikuliX changed: https://answers.launchpad.net/sikuli/+question/699868
Summary changed to: High-risk vulnerability in Log4j 2.x --- not used with SikuliX Description changed to: ------------------- information In some dependency of SikuliX log4j is mentioned as a dependency, but the version is 1.2.17. Since the vulnerable version is log4j 2.x, it is correct, that SikuliX neither uses nor depends on the vulnerable log4j. hence nothing to do with respect to SikuliX. ------------------------------------------------------------------- High-risk vulnerability in Log4j which is being used in sikulixapi 2.0.5 package. Do we have any solution on this or we are safe to use the Sikuli version 2.0.5 ? For reference please check the url - https://www.veracode.com/blog/security-news/urgent-analysis-and- remediation-guidance-log4j-zero-day-rce-cve-2021-44228 Requesting to provide the solution as soon as possible. -- You received this question notification because your team Sikuli Drivers is an answer contact for SikuliX. _______________________________________________ Mailing list: https://launchpad.net/~sikuli-driver Post to : [email protected] Unsubscribe : https://launchpad.net/~sikuli-driver More help : https://help.launchpad.net/ListHelp
