From: | Dave Cramer <davecramer(at)gmail(dot)com> |
---|---|
To: | pgsql-jdbc(at)lists(dot)postgresql(dot)org |
Subject: | PostgreSQL JDBC and the log4j CVE |
Date: | 2021-12-14 12:07:29 |
Message-ID: | CADK3HHJ1RPU1wWxqY7Y0uxc_6-87Bh7a5NoLPw=__VTbptjoeA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-announce pgsql-jdbc |
Dave Cramer
---------- Forwarded message ---------
From: JDBC Project via PostgreSQL Announce <announce-noreply(at)postgresql(dot)org>
Date: Mon, 13 Dec 2021 at 10:47
Subject: PostgreSQL JDBC and the log4j CVE
To: PostgreSQL Announce <pgsql-announce(at)lists(dot)postgresql(dot)org>
PostgreSQL JDBC and the log4j CVE
A CVE <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228> has
been reported on the popular logging implementation log4j.
As the PostgreSQL JDBC driver does not include this as a dependency we have
determined that there is no need for concern. The driver is not vulnerable
to this CVE.
Regards,
Dave Cramer
pgjdbc team
This email was sent to you from JDBC Project. It was delivered on their
behalf by the PostgreSQL project. Any questions about the content of the
message should be sent to JDBC Project.
You were sent this email as a subscriber of the *pgsql-announce*
mailinglist, for for one of the content tags Related Open Source or
Security. To unsubscribe from further emails, or change which emails you
want to receive, please click the personal unsubscribe link that you can
find in the headers of this email, or visit
https://lists.postgresql.org/unsubscribe/.
From | Date | Subject | |
---|---|---|---|
Next Message | Microsoft Azure via PostgreSQL Announce | 2021-12-15 11:01:09 | Citus Con: An Event for Postgres—the CFP is open |
Previous Message | JDBC Project via PostgreSQL Announce | 2021-12-13 15:46:38 | PostgreSQL JDBC and the log4j CVE |
From | Date | Subject | |
---|---|---|---|
Next Message | Dave Cramer | 2021-12-17 14:01:55 | [pgjdbc/pgjdbc] d0392b: fix: return getIndexInfo metadata columns in UPPER... |
Previous Message | JDBC Project via PostgreSQL Announce | 2021-12-13 15:46:38 | PostgreSQL JDBC and the log4j CVE |