GitHub

log4j 1.2: Hybrid Maven/Ant build stuff - antrun ant junit tests breaking - MinimumTestCase failed

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-antrun-plugin:1.8:run (runAll) on project log4j: An Ant BuildException has occured: The following error ...
GitHub

log4j 1.2.15: "assembly descriptor filesystem-root relative reference" warning under maven-assembly-plugin 2.6

When I bumped maven-assembly-plugin from 2.2.2 to 2.6, I started getting this warning. [INFO] --- maven-assembly-plugin:2.6:assembly (default-cli) @ log4j --- [INFO] Reading assembly descriptor: ...
Dark Reading

The Log4j Flaw Will Take Years to Be Fully Addressed

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly and will require coordination between different project teams to address the flaw. A ...
Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
ZDNet

After Log4j, White House fears the next big open source vulnerability

The White House is holding a meeting today with Apache, Google, Apple, Amazon, and other major tech organizations to discuss software security and open source tools. This comes in the wake of the ...
VentureBeat

Log4j vulnerabilities, malware strains multiply; major attack disclosed

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...