Closed c-ryan-k closed 2 years ago
Is this project impacted by https://logging.apache.org/log4j/2.x/security.html at all?
@digimaun technically our extension isn't - this is sample code that users can use to simulate device telemetry. It references an old version of the IoT Device SDK that has a log4j dependency - so any users who built device clients in Java using that sample will need to update their own dependencies.
@digimaun technically our extension isn't - this is sample code that users can use to simulate device telemetry. It references an old version of the IoT Device SDK that has a log4j dependency - so any users who built device clients in Java using that sample will need to update their own dependencies.
Got it, hopefully that is presented as a clear action required on the device SDK.
Update iot device SDK
Remove hard dependency on GSON (nested from iot device SDK)