RE: Recent log4j vulnerability

t;> 3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D >> %7C3000&sdata=Y2uKdA2lBJui3eOgv6NxDsA4P3knHmQnKDQfHbJXjPY%3D& >> reserved=0 >> >> Thanks! >> >> -----Original Message- >> From: Brandon Williams >> Sent: So

Re: Recent log4j vulnerability

h/browse/LOGBACK-1591 >> >> Thanks! >> >> -Original Message- >> From: Brandon Williams >> Sent: Sonntag, 12. Dezember 2021 18:56 >> To: dev@cassandra.apache.org >> Subject: Recent log4j vulnerability >> >> I replied to a user- post about

Re: Recent log4j vulnerability

ag, 12. Dezember 2021 18:56 > To: dev@cassandra.apache.org > Subject: Recent log4j vulnerability > > I replied to a user- post about this, but thought it was worth repeating it > here. > > In > https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fissues.

RE: Recent log4j vulnerability

Any thoughts what the logback folks have been filed here? https://jira.qos.ch/browse/LOGBACK-1591 Thanks! -Original Message- From: Brandon Williams Sent: Sonntag, 12. Dezember 2021 18:56 To: dev@cassandra.apache.org Subject: Recent log4j vulnerability I replied to a user- post about

Recent log4j vulnerability

I replied to a user- post about this, but thought it was worth repeating it here. In https://issues.apache.org/jira/browse/CASSANDRA-5883 you can see where Apache Cassandra never chose to use log4j2 (preferring logback instead), and thus is not, and has never been, vulnerable to this RCE. Kind Re