Home Sign Up Sign In
V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member  Sign In
ciki
V2EX  ›  Java

druid 依赖 log4j 1.x,会受到漏洞影响吗?

  •   
  •   ciki · Dec 16, 2021 · 3338 views
    This topic created in 1601 days ago, the information mentioned may be changed or developed.

    不知道为啥 druid 到现在还依赖这个,也不能去掉,有影响吗?

  • Druid
  • log4j
  • 依赖
  • 去掉
    4 replies    2021-12-16 14:15:58 +08:00
    2i2Re2PLMaDnghL
        1
    2i2Re2PLMaDnghL  
       Dec 16, 2021
    1.x 不会受 44228 影响

    via <https://logging.apache.org/log4j/2.x/security.html>
    > Versions Affected: all versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.14.1
    Finest
        2
    Finest  
       Dec 16, 2021
    是阿里的连接池 druid ,还是大数据的 druid
    ciki
        3
    ciki  
    OP
       Dec 16, 2021
    @hand515 阿里
    ciki
        4
    ciki  
    OP
       Dec 16, 2021
    @2i2Re2PLMaDnghL 原来如此
    About   ·   Help   ·   Advertise   ·   Blog   ·   API   ·   FAQ   ·   Solana   ·   2561 Online   Highest 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 42ms · UTC 05:12 · PVG 13:12 · LAX 22:12 · JFK 01:12
    ♥ Do have faith in what you're doing.