Closed robertdahlem closed 2 years ago
So far this works for log4j V2.
Would you mind adding "org/apache/log4j/net/JMSAppender.class" to MALICIOUS_FILES? This would help mitigating log4j V1 problems.
"org/apache/log4j/net/JMSAppender.class"
MALICIOUS_FILES
Good point, I will add it. Thanks
So far this works for log4j V2.
Would you mind adding
"org/apache/log4j/net/JMSAppender.class"
toMALICIOUS_FILES
? This would help mitigating log4j V1 problems.