[opencms-dev] Update OpenCms to log4j 2.16
Michael Emmerich
m.emmerich at alkacon.com
Wed Dec 15 09:40:34 CET 2021
Hello,
according to the latest information regarding the log4j issues
CVE-2021-44228 and CVE-2021-45046 it is strongly recommended to upgrade
your OpenCms 11 and OpenCms 12 to the latest log4j 2.16, even if you
have updated to 2.15 earlier this week. See
https://logging.apache.org/log4j/2.x/
Remove the
log4j-api-2.10.0.jar
log4j-core-2.10.0.jar
log4j-jcl-2.10.0.jar
log4j-slf4j-impl-2.10.0.jar
or (if you have updated to 2.15 before)
log4j-api-2.15.0.jar
log4j-core-2.15.0.jar
log4j-jcl-2.15.0.jar
log4j-slf4j-impl-2.15.0.jar
with the most recent ones from
https://logging.apache.org/log4j/2.x/download.html
log4j-api-2.16.0.jar
log4j-core-2.16.0.jar
log4j-jcl-2.16.0.jar
log4j-slf4j-impl-2.16.0.jar
Restart OpenCms after this.
Kind regards,
Michael
--
Kind Regards
Michael.
-------------------
Michael Emmerich
Alkacon Software GmbH & Co. KG - The OpenCms Experts
http://www.alkacon.com - http://www.opencms.org
More information about the opencms-dev
mailing list