-
Notifications
You must be signed in to change notification settings - Fork 774
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Log4j vulnerability *NEW* #733
Comments
Transferring to the appropriate repo, but I think this has already been addressed in ffb1416. |
I just released 0.14.0 with a |
Thanks for all your hard work these past two weeks! |
Yes thanks. Now its version 2.17 another update! :( |
Here you go, a new release with 2.17: https://github.com/prometheus/client_java/releases/tag/parent-0.14.1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Log4j was recently updated to use 2.15 in the log4j client.
This version is still impacted and its considered a critical vulnerability now.
Are simpleclient_log4j and simpleclient_log4j2 going to be updated to include version 2.16 here ASAP as security scanners from our the security team are flagging these and they need to know when they will be updated even if they are considered "Not in use".
Thanks!
Dan
The text was updated successfully, but these errors were encountered: