Hi Tim,

Good idea, I think it would be helpful to have it directly on index page and 
contact yeah.

I can do the change if everyone agree.

Thanks !

Regards
JB

> Le 8 janv. 2022 à 16:44, Tim Bain <tb...@alumni.duke.edu> a écrit :
> 
> JB, should we put that link somewhere prominent on
> https://activemq.apache.org/contact for a few months? I believe all the
> users who posted questions about the CVE were first-time posters who likely
> went to that page before posting questions, so we might be able to save
> everyone the time and frustration by heading off the question for folks.
> 
> Tim
> 
> On Sat, Jan 8, 2022, 6:01 AM Jean-Baptiste Onofre <j...@nanthrax.net> wrote:
> 
>> Hi,
>> 
>> Again, a new time:
>> 
>> https://activemq.apache.org/news/cve-2021-44228
>> 
>> AGAIN, ActiveMQ 5.15/5.16 are NOT affected by log4j 2.x CVE because they
>> are using log4j 1.x
>> 
>> ActiveMQ 5.17.x (not yet released) will use at least log4j 2.17.1.
>> 
>> Regards
>> JB
>> 
>>> Le 8 janv. 2022 à 11:35, Deepti Sharma S 
>>> <deepti.s.sha...@ericsson.com.INVALID>
>> a écrit :
>>> 
>>> Hello Team,
>>> 
>>> As we have Log4J vulnerability CVE-2021-44228, CVSS 10.0 (Critical), can
>> you please confirm, when we have ActiveMQ all, version release which has
>> this vulnerability fix and has Log4J version 2.17?
>>> 
>>> 
>>> 
>>> Regards,
>>> Deepti Sharma
>>> PMP(r) & ITIL
>>> 
>>> 
>> 
>> 

Reply via email to