GitHub user ppkarwasz added a comment to the discussion: log4j version 2.17.1
That’s an excellent answer — thank you! Just to add for completeness: version 2.17.0 was never affected by CVE-2021-44832. This was confirmed in a later review (see apache/logging-site#6). GitHub link: https://github.com/apache/logging-log4j2/discussions/3679#discussioncomment-13212117 ---- This is an automatically sent email for dev@logging.apache.org. To unsubscribe, please send an email to: dev-unsubscr...@logging.apache.org
