[ https://issues.apache.org/jira/browse/JENA-2224?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17462161#comment-17462161 ]
ASF subversion and git services commented on JENA-2224: ------------------------------------------------------- Commit 959fe2bfe3f0b1779218e1822b4d31aca4130724 in jena's branch refs/heads/main from Andy Seaborne [ https://gitbox.apache.org/repos/asf?p=jena.git;h=959fe2b ] JENA-2224: Upgrade to log4j 2.17.0 > Upgrade to log4j 2.17.0 > ----------------------- > > Key: JENA-2224 > URL: https://issues.apache.org/jira/browse/JENA-2224 > Project: Apache Jena > Issue Type: Task > Components: Cmd line tools, Fuseki > Affects Versions: Jena 4.3.2 > Reporter: Andy Seaborne > Assignee: Andy Seaborne > Priority: Major > Fix For: Jena 4.4.0 > > > https://nvd.nist.gov/vuln/detail/CVE-2021-45105 > https://logging.apache.org/log4j/2.x/security.html > This only happens if you change the logging pattern. > As released Fuseki and command line tools do not use the pattern feature > involved in CVE-2021-45105. -- This message was sent by Atlassian Jira (v8.20.1#820001)