Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Newcomers » Newcomers » Log4j vulnerability in Eclipse IDE tool
Re: Log4j vulnerability in Eclipse IDE tool [message #1851012 is a reply to message #1851011] Thu, 24 March 2022 13:37 Go to previous message
Ed Merks is currently offline Ed MerksFriend
Messages: 33201
Registered: July 2009
Senior Member
The bundle org.apache.log4j 1.2.19.v20220208-1728 is a new version that is free of CVEs:

https://git.eclipse.org/r/c/orbit/orbit-recipes/+/190574

It comes from here where you can see all the CVEs of older version that are fixed in this latest new version:

https://reload4j.qos.ch/

The 1.2.x version was never affected by CVE-2021-44228:

https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228)

That "famous" CVE only affected 2.x versions...

Ed Merks
Professional Support: https://www.macromodeling.com/

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Previous Topic:Oomph installer error: The catalog could not be loaded
Next Topic:Windows on Eclipse: "Error occurred during initialization of boot layer
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Aug 24 05:20:08 GMT 2024

Powered by FUDForum. Page generated in 0.07979 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly