Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] log4j vulnerability in Eclipse?


The title of this thread is confusing.

It appears that there is a concern with org.apache.logging.log4j.

To me log4J is org.apache.log4j that has been in use by numerous Eclipse projects unchanged for over 10 years.

e.g. org.eclipse.quinox.p2.ui, org.eclipse.gef, org.eclipse.emf.common.ui, org.eclipse.pde.ui, org.eclipse.ui

AFAICT this thread requires no action in regard to org.apache.log4j.


        Ed Willink

On 10/12/2021 18:46, Denis Roy wrote:

Hi Folks,

As you may be aware, an important vulnerability has been discovered in log4j

If I recall, log4j is used in Eclipse components.  Does anyone have a feel for our current state?  Is 2021-12 affected?


cross-project-issues-dev mailing list
To unsubscribe from this list, visit


Back to the top