Thanks, Nick. I appreciate the quick response. First, please AVOID ALL CAPS, EVEN IN THE SUBJECT LINE. IT IS LIKE SHOUTING > AT SOMEONE. We will still answer your request if you use regular case and > "speak" in a normal tone :-).
Thank you for your valuable suggestion on how to write an email and subject line. I will keep that in mind. Regards, Amarjeet Singh On Sat, Dec 11, 2021 at 8:29 PM Nick Couchman <[email protected]> wrote: > On Sat, Dec 11, 2021 at 9:39 AM Amarjeet Singh <[email protected]> > wrote: > >> Hi All, >> >> Does guacamole components have Apache log4j Vulnerability CVE-2021-4428 >> <https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/> >> ?? >> >> > Amarjeet, > First, please AVOID ALL CAPS, EVEN IN THE SUBJECT LINE. IT IS LIKE > SHOUTING AT SOMEONE. We will still answer your request if you use regular > case and "speak" in a normal tone :-). > > To answer your question, no Guacamole is not impacted by the log4j > vulnerability. Guacamole uses logback instead of log4j, and even excludes > log4j from several Maven-based dependencies. Thus, at the moment, we do not > believe there is any vulnerability in Guacamole related to this. > > -Nick > >>
