From 97f804a8f3cded5cbf11200573ed4751bb129b6c Mon Sep 17 00:00:00 2001 From: AJESH-CR Date: Fri, 31 Dec 2021 12:18:52 +0530 Subject: [PATCH] Upgrade Log4j 2.16.0 to 2.17.1 to fix RCE via JDBC Appender when attacker controls configuration (CVE-2021-44832) --- README.md | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 182baf6f..a592d4f0 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ _Note 2: Support for higher versions of JDK (>= 1.9.0) has not been made availab ### Dependencies * commons-logging-1.1.1.jar : logging -* log4j-2.16.0.jar : logging +* log4j-2.17.1.jar : logging * httpclient-4.0.1.jar : http communication with the payment gateway * httpcore-4.0.1.jar : http communication with the payment gateway * junit-4.8.2.jar : unit testing diff --git a/pom.xml b/pom.xml index e39c64e0..24e96c43 100644 --- a/pom.xml +++ b/pom.xml @@ -117,7 +117,7 @@ 1.5 true true - 2.16.0 + 2.17.1 pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy