Hi Team, We are currently using gocd version of 20.6.0 and we found that it has a vulnerability log4j CVE-2021-44228. And the latest release v21.3.0 has been updated with log4j-over-slf4j but even the vulnerability still exists . How can we patch this from our side in both versions ? When can we expect GoCD releasing fix for this?
Note: We are using gocd on AWS EKS v1.19 with gocd provided wrapper scripts. Thanks, Pranav Joshi DevOps Engineer -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/4b7a1b88-2d9a-4879-9a4b-b48298ed83a7n%40googlegroups.com.
