search

saros-project / saros

Open Source IDE plugin for distributed collaborative software development
https://www.saros-project.org
GNU General Public License v2.0
160 stars 52 forks source link

[FIX] Update log4j lib to address vulnerability #1154

Closed stefaus closed 2 years ago

stefaus commented 2 years ago

The current log4j version is vulnerable to the famous Log4Shell exploit, formally known as CVE-2021-44228.

Confirmed that Saros is vulnerable and the updated library fixes the issue as expected.

Resolves #1153