https://bugzilla.redhat.com/show_bug.cgi?id=1443635
Jonathan Christison <jochrist(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ataylor(a)redhat.com,
| |ggaughan(a)redhat.com,
| |gmalinko(a)redhat.com,
| |jross(a)redhat.com,
| |jwon(a)redhat.com
--- Comment #50 from Jonathan Christison <jochrist(a)redhat.com> ---
It was found that vulnerable versions of log4j where shipped (embedded) within
io.hawt:hawtio-osgi:war:*, however the embedded library is not used nor the
vulnerable TCP/UDP server functionality. Due to this we've marked Fuse-7 and
AMQ-7 as being affected (it is shipped and will) but having a low impact (it is
not used).
--
You are receiving this mail because:
You are on the CC list for the bug.