Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] log4j vulnerability in Eclipse?

Hi

The title of this thread is confusing.

It appears that there is a concern with org.apache.logging.log4j.

To me log4J is org.apache.log4j that has been in use by numerous Eclipse projects unchanged for over 10 years.

e.g. org.eclipse.quinox.p2.ui, org.eclipse.gef, org.eclipse.emf.common.ui, org.eclipse.pde.ui, org.eclipse.ui

AFAICT this thread requires no action in regard to org.apache.log4j.

    Regards

        Ed Willink

On 10/12/2021 18:46, Denis Roy wrote:

Hi Folks,

As you may be aware, an important vulnerability has been discovered in log4j

If I recall, log4j is used in Eclipse components.  Does anyone have a feel for our current state?  Is 2021-12 affected?

https://arstechnica.com/information-technology/2021/12/minecraft-and-other-apps-face-serious-threat-from-new-code-execution-bug/


Denis



_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev

Virus-free. www.avast.com

Back to the top