[jira] [Resolved] (SSHD-1248) Log4J2 Security Vulneralibility ( CVE-2021-44832 )

Lyor Goldstein (Jira) Thu, 24 Feb 2022 11:05:05 -0800


     [ 
https://issues.apache.org/jira/browse/SSHD-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Lyor Goldstein resolved SSHD-1248.
----------------------------------
    Resolution: Not A Bug

> Log4J2 Security Vulneralibility ( CVE-2021-44832 )
> --------------------------------------------------
>
>                 Key: SSHD-1248
>                 URL: https://issues.apache.org/jira/browse/SSHD-1248
>             Project: MINA SSHD
>          Issue Type: Question
>    Affects Versions: 2.8.0
>            Reporter: Putra Nugraha
>            Priority: Major
>
> Upon checking a possible security vulnerabilities, I noticed MINA SSHD is 
> using Log4J2 version 2.14.1 and Log4J2 made some fixes in the later version ( 
> 2.17.1 for Java 8 ) which one if it is related to security vulnerabilities to 
> RCE.
>  
> May I know if there is any plan on MINA SSHD to adapt the above fix? Or can 
> we please have this fixed if not planned?
>  
> Further details on the above Log4J security vulnerabilities can be found here
> https://logging.apache.org/log4j/2.x/security.html



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

[jira] [Resolved] (SSHD-1248) Log4J2 Security Vulneralibility ( CVE-2021-44832 )

Reply via email to