[JAL-3934] Jalview 2.11.1.6 release for CVE-2021-45105 Update log4j2 to 2.17.0 - Jalview

XML

Word

Printable

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.11.1.5
Fix Version/s: 2.11.1.6, 2.11.2.0
Component/s: Dev and Dep
Labels:
None

Description

A new vulnerability - hot on the heels of the previous one, means we need to patch log4j2 once again.

https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105

Attachments

Issue Links

related with

JAL-3949 Standard out logging broken: messages only routing to stderr and appear as a raw template

Closed

Activity

People

Assignee:: Ben Soares

Reporter:: James Procter

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Dec/21 10:40 AM

Updated:: 03/Feb/22 5:38 PM

Resolved:: 06/Jan/22 11:28 AM