Please rebuild the software with reload4j (instead of log4j) to solve security issues.

Question

trust1345 opened this issue 3 years ago · 2 comments

Please rebuild the software with reload4j (instead of log4j) to solve security issues.
CVE-2019-17571
CVE-2021-4104
CVE-2022-23302
CVE-2022-23305
CVE-2022-23307
CVE-2020-9488

Thanks.

Answer 1 · 2022-02-08T12:00:33.000Z

No log4j lib in pom.xml in version 1.0,2 only slf4j-simple. Where you saw this lib? Use 1.0.2 release

Answer 2 · 2022-02-09T09:20:20.000Z

No log4j lib in pom.xml in version 1.0,2 only slf4j-simple. Where you saw this lib? Use 1.0.2 release

I used version 1.0.0 . Thanks with version 1.0.2 there is no problem!
I didn't pay attention to it.