Closed msueberkrueb closed 7 months ago
As stated here: https://logging.apache.org/log4j/2.x/security.html versions below 2.17.1 are affected from the Log4Shell vulnerability.
Therefore the dependency should be bumped to a version greater or equal to 2.17.1.
Proposed changes:
Edit line 111-112 in build.gradle from
implementation('org.apache.logging.log4j:log4j-api:2.11.+') implementation('org.apache.logging.log4j:log4j-core:2.11.+')
to:
implementation('org.apache.logging.log4j:log4j-api:2.17.1') implementation('org.apache.logging.log4j:log4j-core:2.17.1')
Closed/fixed by a648df3
As stated here: https://logging.apache.org/log4j/2.x/security.html versions below 2.17.1 are affected from the Log4Shell vulnerability.
Therefore the dependency should be bumped to a version greater or equal to 2.17.1.
Proposed changes:
Edit line 111-112 in build.gradle from
to: