Hi everybody,
a vulnerability in Apache Log4j has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.
According to https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot OpenCelium users are not affected by this vulnerability, because we are using default loggining system instead of Log4j.
But if you would like to update dependencies for Log4j you have to follow to the next instruction:
Open build.gradle file and put
implementation 'org.apache.logging.log4j:log4j-core:2.16.0'
in dependencies.
Just write to our #support team in Slack if you have any further questions.
Your OpenCelium Support
Starten Sie jetzt mit Ihrer
Connection!
Wir freuen uns von Ihnen zu hören. Fragen beantworten wir Ihnen gerne!
KONTAKT
Ihr direkter Draht zu uns
Sie haben Fragen, Anregungen, Wünsche oder stehen vor einer besonderen Herausforderung? Wir freuen uns, von Ihnen zu hören!