Re: log4j cve

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, 14 Dec 2021 at 07:42 -0000, Steve Clark via CentOS wrote:

> I see on CentOS 7 it has log4j-1.2.17...
> Is ok 2 use. I know the CVE was against 2.0 fwd but not knowing if something
> was backported to 1.2 ?

According to https://access.redhat.com/security/vulnerabilities/RHSB-2021-009
Redhat 7 is not impacted by this problem.  This may still be something
in flux.  We are recoving all instances of log4j from our systems, the
software using it is not important to us just a convience.

Stuart
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux