Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Apache Log4j Security Vulnerabilities

Description

Hi All,

the security alert "Apache Log4j Security Vulnerabilities" should be solved in the last Windows stable version.
-> https://logging.apache.org/log4j/2.x/security.html

Question

  • Are the unstable version 1.3.x also affected with this security issue?

  • Is there an upgrade in progress?

Thank you

Environment

  • Windows 10 Pro

  • Greenshot-RELEASE-1.2.10.6, 09 Aug 2017

Attachments

1

Activity

Show:

Tony HillJanuary 7, 2022 at 1:00 AM

I realise this issue is marked as resolved but may I clarify whether or not any action is required to update the log4net.dll file used by Greenshot? I also have this flagged up as critical by Forticlient but I am not running Java.

Robin KromDecember 13, 2021 at 4:26 PM

That is not the same, as the horrible log4j issue that is going around. But yes that is fixed with 1.3, will write more later. Need to help my kid.

Silvan ZerlaDecember 13, 2021 at 4:24 PM

Could you please check it again

Silvan ZerlaDecember 13, 2021 at 4:23 PM

But I got vulnerability alert if I run a full scan (Forticlient).

Robin KromDecember 13, 2021 at 3:40 PM

We are not affected by that CVE.

Won't Fix

Details

Assignee

Reporter

Affects versions

Components

Priority

Created December 13, 2021 at 7:50 AM
Updated January 7, 2022 at 1:00 AM
Resolved December 13, 2021 at 3:40 PM