| From: | JDBC Project via PostgreSQL Announce <announce-noreply(at)postgresql(dot)org> |
|---|---|
| To: | PostgreSQL Announce <pgsql-announce(at)lists(dot)postgresql(dot)org> |
| Subject: | PostgreSQL JDBC and the log4j CVE |
| Date: | 2021-12-13 15:46:38 |
| Message-ID: | 163941039887.26069.1805777468235300589@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-announce pgsql-jdbc |
A [CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228) has been reported on the popular logging implementation log4j.
As the PostgreSQL JDBC driver does not include this as a dependency we have determined that there is no need for concern.
The driver is not vulnerable to this CVE.
Regards,
Dave Cramer
pgjdbc team
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Cramer | 2021-12-14 12:07:29 | PostgreSQL JDBC and the log4j CVE |
| Previous Message | PostgreSQL Europe via PostgreSQL Announce | 2021-12-08 22:36:00 | PostgreSQL @ FOSDEM 2022: Call for Proposals |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Cramer | 2021-12-14 12:07:29 | PostgreSQL JDBC and the log4j CVE |
| Previous Message | Dave Cramer | 2021-12-07 13:15:42 | Re: [QUESTION] How to retrieve type info for ROW |