Hi Paul Only log4j 2.x is only impacted, Karaf 3.0/pax logging 1.8 uses log4j 1.x so no problem.
Regards JB > Le 12 déc. 2021 à 19:18, Paul Spencer <[email protected]> a écrit : > > For users of Karaf 3.0.x that uses Pax Logging version 1.8.x, what is the > recommended mitigation for "Apache Log4j Remote Code Execution > Vulnerability", CVE-2021-44228? > > Paul Spencer >
