Hi
The title of this thread is confusing.
It appears that there is a concern with org.apache.logging.log4j.
To me log4J is org.apache.log4j that has been in use by numerous Eclipse
projects unchanged for over 10 years.
e.g. org.eclipse.quinox.p2.ui, org.eclipse.gef,
org.eclipse.emf.common.ui, org.eclipse.pde.ui, org.eclipse.ui
AFAICT this thread requires no action in regard to org.apache.log4j.
Regards
Ed Willink
On 10/12/2021 18:46, Denis Roy wrote:
Hi Folks,
As you may be aware, an important vulnerability has been discovered in
log4j
If I recall, log4j is used in Eclipse components. Does anyone have a
feel for our current state? Is 2021-12 affected?
https://arstechnica.com/information-technology/2021/12/minecraft-and-other-apps-face-serious-threat-from-new-code-execution-bug/
Denis
_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@eclipse.org
To unsubscribe from this list,
visithttps://www.eclipse.org/mailman/listinfo/cross-project-issues-dev
--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@eclipse.org
To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev
