Details
-
Question
-
Status: Resolved
-
Major
-
Resolution: Invalid
-
4.3.2
-
None
Description
As reported in CVE-2021-44228 regarding log4j vulnerability we are planning to stepup log4j to clean 2.1.50 or higher but we cannot do unless pax-logging is in new version 2.0.11.
What is the tentative timeline in which new karaf version will be available with this latest pax-logging version? This info will help us in communicating to our customers.