Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

It should be noted that this vulnerability is fixed in 2.16  The fix in 2.15 was incompletehttps://www.cve.org/CVERecord?id=CVE-2021-44228

**UPDATED on 6th January 2022**

The update in 2.16 was incomplete, those running Java 8 should update to Log4j 2.17.1.

Those running Java 7 should update to 2.12.4, Those running Java 6 should update to 2.3.2.

See the Log4j website at:

Log4j – Apache Log4j Security Vulnerabilities

...