This is an automated email from the ASF dual-hosted git repository. rpopma pushed a commit to branch release-2.x in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit 5c7f42d3a9c4b367b4d81c212411029c499f3f6f Author: rpopma <rpo...@apache.org> AuthorDate: Tue Dec 14 21:20:06 2021 +0900 Fix typo --- src/site/markdown/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/site/markdown/security.md b/src/site/markdown/security.md index 1fa02a7..4ed95d1 100644 --- a/src/site/markdown/security.md +++ b/src/site/markdown/security.md @@ -84,7 +84,7 @@ Applications using only the log4j-api JAR file without the log4j-core JAR file a #### History **Older (discredited) mitigation measures** -We strongly recommend upgrading Log4j to a safe version, or removing the JndiLookup class from the log4j-core class. +We strongly recommend upgrading Log4j to a safe version, or removing the JndiLookup class from the log4j-core jar. This page previously had other mitigation measures, but we discovered that these measures only limit exposure while leaving some attack vectors open.