I have a question about Log4J CVE-2021-44228. The Log4j site says that "log4j2.formatMsgNoLookups=true" is an insufficient mitigation measure. https://logging.apache.org/log4j/2.x/security.html
On the other hand, the Solr site says that "log4j2.formatMsgNoLookups=true" is a sufficient mitigation measure. https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 In Solr, is "log4j2.formatMsgNoLookups=true" a sufficient mitigation measure?
