Once upon a time, Michal Skrivanek <michal.skriva...@redhat.com> said: > We concluded the investigation and we believe we are not affected, while a > vulnerable log4j is being shipped (and will be fixed by wildfly/jboss) we are > not using this functionality in any of or components. > Wildfly reimplements log4j and we use that instead, all other usage is in > compile time, unit tests. We also use log4j 1.x but without the JMSAppender > in runtime. > Thanks to MartinP for confirmation
Thanks for digging into this and checking. -- Chris Adams <c...@cmadams.net> _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/UUWYXC6EPVZ7K3ZYYB4M3KAV3NBGY3VZ/