This is an automated email from the ASF dual-hosted git repository.
rpopma pushed a commit to branch release-2.x
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
The following commit(s) were added to refs/heads/release-2.x by this push:
new 04ed06b [DOC] Stop recommending 2.15
04ed06b is described below
commit 04ed06bfee5b5487b7846f2c8df99cbfd23b4594
Author: rpopma <rpo...@apache.org>
AuthorDate: Tue Dec 14 23:28:48 2021 +0900
[DOC] Stop recommending 2.15
---
src/site/markdown/index.md.vm | 3 +--
src/site/markdown/security.md | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/site/markdown/index.md.vm b/src/site/markdown/index.md.vm
index 947d0ae..7de57a0 100644
--- a/src/site/markdown/index.md.vm
+++ b/src/site/markdown/index.md.vm
@@ -29,8 +29,7 @@ provides many of the improvements available in Logback while
fixing some inheren
<a name="CVE-2021-44228"/>
$h2 Important: Security Vulnerability CVE-2021-44228
-The Log4j team has been made aware of a security vulnerability,
CVE-2021-44228, that has been addressed in Log4j 2.15.0
-and 2.16.0.
+The Log4j team has been made aware of a security vulnerability,
CVE-2021-44228, that has been addressed in Log4j 2.16.0.
$h4 Summary
Log4j’s JNDI support has not restricted what names could be resolved. Some
protocols are unsafe or can allow remote code
diff --git a/src/site/markdown/security.md b/src/site/markdown/security.md
index 9697daa..96cba98 100644
--- a/src/site/markdown/security.md
+++ b/src/site/markdown/security.md
@@ -47,7 +47,7 @@ privately to the [Log4j Security
Team](mailto:priv...@logging.apache.org). Thank
<a name="CVE-2021-44228"/>
<a name="cve-2021-44228"/>
-### Fixed in Log4j 2.15.0 and 2.16.0
+### Fixed in Log4j 2.16.0
#### CVE-2021-44228
[CVE-2021-44228](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228):
Apache Log4j2 JNDI
