sikuli-driver team mailing list archive

Thread
Date

Re: [Question #699867]: Does Sikuli use log4j 2.x? latest vulnerability - Answer is NO

To: sikuli-driver@xxxxxxxxxxxxxxxxxxx
From: RaiMan <question699867@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Dec 2021 12:35:41 -0000
Reply-to: question699867@xxxxxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Question #699867 on SikuliX changed:
https://answers.launchpad.net/sikuli/+question/699867

Summary changed to:
Does Sikuli use log4j 2.x? latest vulnerability  - Answer is NO

Description changed to:
------------- info
In some dependency of SikuliX log4j is mentioned as a dependency, but the version is 1.2.17.
Since the vulnerable version is log4j 2.x, it is correct, that SikuliX neither uses nor depends on the vulnerable log4j.
hence nothing to do with SikuliX.
-----------------------------------

rejectly a venerability was detected in log4j. wanted to check if sikuli used log4j or it is impacted in any way
https://www.randori.com/blog/cve-2021-44228/

Thanks
Chetan

-- 
You received this question notification because your team Sikuli Drivers
is an answer contact for SikuliX.