commit | bccf14066cb2ca6fc5861eb457d06a2d0429d00b | [log] [tgz] |
---|---|---|
author | Jacques Le Roux <jacques.le.roux@les7arts.com> | Sat Dec 11 17:37:33 2021 +0100 |
committer | Jacques Le Roux <jacques.le.roux@les7arts.com> | Sat Dec 11 17:37:33 2021 +0100 |
tree | 3f4feabac31bd7c3bd2665668509fd7cabb7cbdd | |
parent | 14f7feda74dc8f28988dc1070865c049ec6c2e06 [diff] |
Fixed: [SECURITY] CVE-2021-44228: Apache Log4j2 (OFBIZ-12449) CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints: https://logging.apache.org/log4j/2.x/security.html I'm not sure we are concerned, have no time to check, better safe than sorry...