On 2022-01-13, Christopher Schultz wrote:
> On 1/12/22 15:57, Stefan Bodewig wrote:
>> On 2022-01-12, wrote:
>>>1. Do you have any mitigation options available for addressing both
>>> CVE-2019-17571 and CVE-2021-4104?
>>> https://nvd.nist.gov/vuln/detail/CVE-2019-17571
>>> https://nvd.nist
Stefan,
On 1/12/22 15:57, Stefan Bodewig wrote:
On 2022-01-12, wrote:
Can the following questions be confirmed for Ant?
easily
1. Which versions of your products utilize Log4j 1.x, if any?
By default Ant doesn't use any version of Apache Log4J at all.
There is a deprecated BuildLog
On 2022-01-12, wrote:
> Can the following questions be confirmed for Ant?
easily
> 1. Which versions of your products utilize Log4j 1.x, if any?
By default Ant doesn't use any version of Apache Log4J at all.
There is a deprecated BuildLogger using Log4J 1.x. It will only be used
if you exp
Ashley,
NOTE: I do not speak for the Apache ant community. I'm just a volunteer
and member of the community.
On 1/12/22 13:37, ashley.ding...@wellsfargo.com.INVALID wrote:
Hi,
Can the following questions be confirmed for Ant?
1. Which versions of your products utilize Log4j 1.x, if any?
a
Hi,
Can the following questions be confirmed for Ant?
1. Which versions of your products utilize Log4j 1.x, if any?
1. Do they utilize the JMSAppender or SocketServer classes?
1. Do you have any mitigation options available for addressing both
CVE-2019-17571 and CVE-2021-4104?
http
