Once upon a time, Michal Skrivanek <[email protected]> said: > We concluded the investigation and we believe we are not affected, while a > vulnerable log4j is being shipped (and will be fixed by wildfly/jboss) we are > not using this functionality in any of or components. > Wildfly reimplements log4j and we use that instead, all other usage is in > compile time, unit tests. We also use log4j 1.x but without the JMSAppender > in runtime. > Thanks to MartinP for confirmation
Thanks for digging into this and checking. -- Chris Adams <[email protected]> _______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/UUWYXC6EPVZ7K3ZYYB4M3KAV3NBGY3VZ/
