What does it matter if its in the repo but not installed? It would only
be vulnerable to you if installed no?
------ Original Message ------
From: "Henry lol" <pub.virtualizat...@gmail.com>
To: "users" <users@ovirt.org>
Sent: 16/12/2021 7:17:14 PM
Subject: [ovirt-users] Is vulnerable log4j package necessary in my ovirt
repo?
Hello,
I found that the vulnerable log4j-2.13.0-1 package is in oVirt
repository, but not installed even after the oVirt setup.
So, I want to remove that package from my private oVirt repository if
it's not necessary.
but I'm not sure what will happen by doing so. Is there any side effects?
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/7HGX3H7JFU4HBWPXI3EFIRQAXOO7IHWF/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ABZKW2CTUSIJX3RNEP4BPU3EUHOFGVOL/
