[ https://issues.apache.org/jira/browse/MRM-2025?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Stockhammer resolved MRM-2025. ------------------------------------- Resolution: Duplicate > Update to log4j 2.16.0 (CVE-2021-45046) > --------------------------------------- > > Key: MRM-2025 > URL: https://issues.apache.org/jira/browse/MRM-2025 > Project: Archiva > Issue Type: Dependency upgrade > Components: Audit Logging > Affects Versions: 2.2.6 > Reporter: Robert Velter > Priority: Major > > log4j 2.15.0 is not enough to fully mitigate CVE-2021-44228. > See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 > Best regards, Robert -- This message was sent by Atlassian Jira (v8.20.1#820001)