To mitigate the known vulnerabilities listed here, please
If you need help on building or configuring Log4j or other help on following the instructions Use the building instructions for the Apache Log4j version that you are using.įor Log4j 2 these can be found in BUILDING.md located in the root subdirectory of the source distribution. If you need to apply a source code patch, Users should upgrade to Log4j 2 to obtain security fixes.īinary patches are never provided. Vulnerabilities reported after August 2015 against Log4j 1.x were not checked and will not be fixed. Of Apache Log4j the flaw is known to affect, and where a flaw has not been verified list Note that this rating may vary from platform to platform. This page lists all the security vulnerabilities fixed in released versions of Apache Log4j 2.Įach vulnerability is given a security impact rating
0 kommentar(er)
