Thank you for posting! Please see https://github.com/macports/macports-ports/pull/13353 <https://github.com/macports/macports-ports/pull/13353>.
> On Dec 14, 2021, at 6:47 PM, Nils Breunese <n...@breun.nl> wrote: > > A couple of hours ago > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 > <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046> was made > public, which states that the previous mitigations of upgrading to Log4J > 2.15.0 or setting system/environment properties is longer enough. The > recommended solution is upgrading to Log4J 2.16.0. If that is not possible, > it is recommended to at least remove the JndiLookup class from the log4j-core > JAR (e.g. zip -q -d log4j-core-*.jar > org/apache/logging/log4j/core/lookup/JndiLookup.class).
smime.p7s
Description: S/MIME cryptographic signature
