This is an automated email from the ASF dual-hosted git repository.
ggregory pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new b97a3c5 Sentence should start with a capital letter.
b97a3c5 is described below
commit b97a3c52f88ba13dac16ec0eb2664d479fdc7438
Author: Gary Gregory <garydgreg...@gmail.com>
AuthorDate: Tue Dec 14 10:16:03 2021 -0500
Sentence should start with a capital letter.
---
src/site/markdown/security.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/site/markdown/security.md b/src/site/markdown/security.md
index 6853151..1967b6f 100644
--- a/src/site/markdown/security.md
+++ b/src/site/markdown/security.md
@@ -70,7 +70,7 @@ substitution is enabled.
**Log4j 1.x mitigation**: Log4j 1.x does not have Lookups so the risk is lower.
Applications using Log4j 1.x are only vulnerable to this attack when they use
JNDI in their configuration.
A separate CVE (CVE-2021-4104) has been filed for this vulnerability.
-To mitigate: audit your logging configuration to ensure it has no JMSAppender
configured.
+To mitigate: Audit your logging configuration to ensure it has no JMSAppender
configured.
Log4j 1.x configurations without JMSAppender are not impacted by this
vulnerability.
**Log4j 2.x mitigation**: Implement one of the mitigation techniques below.
