[LOG4J2-3265] CVE-2021-45105 fix for Java 7 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.12.3
Component/s: None
Labels:
None

Description

As per the NIST website https://nvd.nist.gov/vuln/detail/CVE-2021-45105 it says this CVE fixed in log4j 2.12.3 but I could notice the download page https://logging.apache.org/log4j/log4j-2.12.2/download.html it says "2.12.2" was the last release for Java7 and no more support for Java7 and Java6

Are you planning to release 2.12.3 or we should upgrade Java8 and apply log4j 2.17?

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Gobi

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Dec/21 05:46

Updated:: 24/Dec/21 15:00

Resolved:: 24/Dec/21 15:00