Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Remove the log4j serialization. Since Java object serialization is known to be vulnerable to security issues, and this only targets log4j 1.x, there's no real reason for us to keep it.
Attachments
Issue Links
- supercedes
-
LOGCXX-541 Upgrade log4j to 2.15.0 - CVE-2021-44288
- Closed