Re: [Astlinux-users] Log4j vulnerability

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

> Am 14.12.2021 um 10:51 schrieb Stefan Ulm <s....@di...>:
> 
>  
>  
> is astlinux using Log4j some way? I’m asking, because lately there came out a vulnerability regarding Log4j.
> I have installed some older version like for example astlinux 1.2.7 and I want just to know if I need to take action to update theese devices to avoid Log4j vulnerability.
>  
>  
> Best regards
>  
> Stefan Ulm

Hi Stefan,

no, AstLinux does not use Java at all. 
Only if you have compiled yourself a personal version with custom packages with Buildroot, that might be.

Version 1.2.7 is quite old (2016-07-06) and many security fixes for other packages were included in the meantime.

Michael

http://www.mksolutions.info