Closed danotorrey closed 2 years ago
Update log4j to version 2.15.0 to mitigate CVE-2021-44228
2.15.0
It is not necessary to set log4j.formatMsgNoLookups=true since version 2.15.0 of log4j automatically defaults the property to false.
log4j.formatMsgNoLookups=true
false
This was tested in a sample Lambda function to verify that the logging still works correctly with the updated log4j version.
See for more details
Update log4j to version
2.15.0
to mitigate CVE-2021-44228It is not necessary to set
log4j.formatMsgNoLookups=true
since version2.15.0
of log4j automatically defaults the property tofalse
.This was tested in a sample Lambda function to verify that the logging still works correctly with the updated log4j version.
See for more details
Notes for Reviewers